CROSSWORD CYBERSECURITY PLC€¦ · Corporate Governance Report 17 Directors’ Report & Statement of Directors’ Responsibilities 29 Independent Auditor’s Report 32 FINANCIAL

CROSSWORDCYBERSECURITY

ANNUAL REPORT & ACCOUNTS

2018

PLC

For more information visit

www.crosswordcybersecurity.com

STRATEGIC REPORTChairman’s Statement 2

Chief Executive Officer’s Statement 4

Performance Review 6

Principal Risks 7

CORPORATE GOVERNANCEThe Board 14

Corporate Governance Report 17

Directors’ Report & Statement of Directors’ Responsibilities 29

Independent Auditor’s Report 32

FINANCIAL STATEMENTSConsolidated Financial Statements 38

Notice of AGM 57

Company Information 59

CONTENTS

Crossword Cybersecurity plc is the parent company of the Crossword group of companies which focuses on the cyber security sector. The Group’s strategy is the development and commercialisation of university research based cyber security related software and cyber security consulting.

Revenue is generated by selling the Software as a Service products direct to end user companies or via partners. This is supported by Crossword’s team of expert cyber security consultants, who leverage years of experience in national security, defence and commercial cyber intelligence and operations to provide advice on cyber security risk and mitigation, strategy, assessment and transformation and other cyber security related matters.

1

STRATEGIC REPORT GOVERNANCE FINANCIAL STATEMENTS

HIGHLIGHTS

• ManagementTeamstrengthenedwiththeadditionoffulltimeFinanceDirectorandHRManager

• Over1,000universitybasedcybersecurityresearchprojectsfromUK,Europe,USAandAustraliaidentified

• Continuedtoengagewithresearchintensiveuniversitypartnerstoexplorecommercialisationopportunities

• MOUwithIPGroupplctocommercialisecybersecurityintellectualproperty

• 2successfulofficemoves


AIM Admission14 Dec 2018 (Fundraise£2.0m*)*Totalraisedin2018£4.16m

TRANSITIONED FROM R&D TO REVENUE GENERATINGPipeline build to £1.4m in over 30 companies in a wide range of sectors

• SaaSRevenuedoubles• ConsultingRevenuealmostdoubles

Rizikon Assurance salesactivitysignificantlyscalesup.

ByzGen Ltd receivesafurther£1.5minvestmentfromRegulatoryFinanceSolutionsLtd.

Nixer enhancedtoprovidemitigationagainstcredentialstuffing.

CyberOwl selectedtojoingovernmentinitiative,LORCA,whichaimstoconnectvendorswithcorporatesrequiringsolutionstomajorsecuritychallenges.

2

CROSSWORD CYBERSECURITY PLC ANNUAL REPORT AND ACCOUNTS 2018

Chairman’sStatement

“The last twelve months have been very exciting for Crossword and the Board is geared up for significant growth over the coming period.“

The financial year ending 31 December 2018 marked a transformational year for Crossword Cybersecurity plc, culminating in the Company’s successful admission to AIM, the London Stock Exchange’s growth market. In this report, I set out high level reflections on the year and on finance and governance, with the CEO’s Report that follows providing a more detailed review of the business, together with the financial and operational commentary.

ClearStrategyCrossword has a clear strategy of building a significant intellectual property based, AIM quoted cyber security business. Crossword is a technology commercialisation business focusing on cyber security. The Group develops and commercialises university research based cyber security related software and cyber security consulting.

Crossword closed the financial year with our lead product, Rizikon Assurance, having built up strong momentum with software revenue growth over 100% and a healthy sales pipeline, a good set of relationships with a range of cyber security focused universities and a fast growing specialist consulting team. The Group was successfully admitted to AIM at the end of the year, raising £2m in the process.

Management’s goals for the future are exciting and ambitious. The Board is fully supportive of Management in executing its growth plans for the business over the coming year and creating sustainable shareholder value.

FinanceDuring the period under review, the Board and Management have continued to adopt a robust set of financial controls. We were very pleased to welcome our new full-time Finance Director, Mary Dowd, in May 2018. With over 20 years’ experience, Mary wasted no time in reviewing and strengthening all of our financial operations and reporting and guided us smoothly through our AIM quoting.

3


REVENUE

£1.07mIncreased 45%from £737k in 2017

We strengthened the Group Balance Sheet during 2018 with two funding rounds, in March and December, totalling £4.16m. I would like to thank shareholders for their continued support for Crossword’s strategy.

StrongBoardandGovernanceThe Directors fully understand the importance of high standards of corporate governance and I refer you to the Chairman’s Corporate Governance Statement on page 17 of this report. The Board has adopted the Quoted Companies Alliance (“QCA”) Corporate Governance Code (the “QCA Code”) in line with the London Stock Exchange’s requirement for all AIM listed companies to adopt and comply with a recognised corporate governance code appropriate to the nature, complexity and scale of the Group. In addition, we ensure that we maintain high standards throughout the Group by operating a robust framework of controls, and more details can be found in the Director’s Report. The Board believes that, to deliver our corporate strategy, generate shareholder value on a sustainable basis and safeguard all of our stakeholders’ long-term interests, effective corporate governance is essential.

PromisingOutlookThe last twelve months have been very exciting for Crossword and the Board is geared up for significant growth over the coming period. The cyber security market continues to expand and there is a wealth of cyber security research for Crossword to mine. Having built a solid business over the past few years, with a strong product in the market, a dedicated sales and marketing team fully up to speed, an exceptional leadership team and a properly funded AIM listed cyber security business, I believe that we can look forward to a period of significant commercial growth.

Finally, I would like to thank all our employees for their hard work and dedication, as well as our university partners, business partners, suppliers and shareholders for their continued support. With your support, we are confident that we will deliver on Crossword’s potential over the coming months and years.

SirRichardDearloveKCMGOBE12 April 2019

4


ChiefExecutiveOfficer’sStatement

As Chief Executive Officer, I am pleased to present the annual report and audited accounts for Crossword Cybersecurity plc (“Crossword” or the “Company”) for the financial year ended 31 December 2018.The past twelve months has been a period of rapid development for Crossword, the technology commercialisation company focused on cyber security, on all fronts. At the beginning of 2018, Crossword was a relatively small, NEX growth market company with a new product, Rizikon, in the market, just beginning to transition from pure R&D to a commercial revenue generating company. A year later, Crossword is quoted on AIM, having raised £4.16m during 2018, recruited a mature sales team, strengthened our Board and management team, built a strong product pipeline, doubled product revenue and significantly grown its consulting activities, and on the way been awarded the accolade of NEX Exchange Company of the Year.

The Company’s admission to AIM in December was a major milestone on its journey, providing it with the platform that the Company needs for the next stage of growth. Crossword raised £2.16m earlier in the year (March), providing the capital to recruit the sales team and, on admission to AIM, it raised a further £2m to support continued sales and marketing activity, as well as product development.

In preparation for scaling up, Crossword was very pleased to attract two new Directors during the year. In February, Ruth Anderson joined the Board as a Non-Executive Director. Ruth is Director of Technology Risk at Lloyds Banking Group,

managing Group-wide change and transformation risk. Prior to joining Lloyds, Ruth was a Director in the cyber consulting Group at KPMG, having previous service in intelligence in the British Army. In May, Mary Dowd took up her post as Crossword’s Finance Director, joining the Board in June. Mary has over 20 years’ experience in both start up and large companies, including as Chief Operating Officer and Chief Financial Officer of a Company with operations in London, Hong Kong, Malta, New York, Boston and San Francisco.

The Company also reviewed its office arrangements in both London and Krakow, Poland, where the Company’s dedicated software development team is based, and executed two office moves successfully, moving to more modern offices in both locations, giving it capacity and flexibility to expand in the future in line with business needs.

As a technology commercialisation company, Crossword has been building up relationships with universities conducting interesting cyber security research and now has worked with or has memoranda of understanding with fourteen universities. The Company’s scientific team has identified over 1,000 cyber security projects from universities in the UK, Europe and the USA and has started an exercise of reviewing these research projects to identify ones that have promising intellectual property that Crossword believes it may be able to commercialise. Our robust project review process has assessed and is assessing projects for their potential marketability. Meanwhile, Crossword is continuing to develop the second product in its pipeline, Nixer, an application DDoS platform, and during the year the Company secured an InnovateUK grant to conduct research with Imperial College to extend Nixer’s functionality into defending against credential stuffing attacks. Nixer is expected to launch late in 2019. Additionally, a product proposal continues to be developed for Cyber AI.

TOTAL FUNDS RAISED

£4.16m

5


As part of preparing different commercialisation options, Crossword signed a memorandum of understanding (MoU) with £1Bn market cap, main market listed IP Group, the developer of intellectual property based businesses. The MoU sets up an understanding between IP Group and Crossword to commercialise cyber security intellectual property originating from university research projects. In pooling expertise from the two Groups, the MoU creates a framework to enable detailed technical and commercial exploration of the complex opportunities academia gives rise to.

The investment in a dedicated sales and marketing team began to pay off during the year, as the pipeline for the Company’s lead product, Rizikon Assurance, quickly built up to £1.4m of qualified opportunities across over 30 companies and some of those opportunities started to convert into contracts. As we move into 2019, the pipeline continues to grow. Overall, product revenue doubled in FY2018 versus the previous year, with clients across a range of sectors including Health, IT Services, Nuclear & Professional Services and a number of recurring revenue deals. Notable recent client wins from the 2018 pipeline for Rizikon Assurance included Nuvia, an international engineering, project management and service provider and Kinnerton Confectionery, Britain’s largest independent manufacturer of chocolate and novelty confectionery. Significant Rizikon Assurance enhancements, expected in the second quarter of 2019, will continue to drive the growth in pipeline and subsequent revenue, with anticipated increase in ticket price. In parallel, Crossword’s consulting business, with its mix of blue-chip cyber risk consultants and technical cyber security experts, went from strength to strength, working for a range of clients in industries such as financial services, aviation, professional services and energy. Our consulting business offers consulting, advice and testing, to companies who are looking to increase their cybersecurity resilience, along with consulting support to Crossword Cybersecurity plc’s product implementation.

In prior years, Crossword had helped create two new ventures, CyberOwl Ltd and ByzGen Ltd, to commercialise intellectual property originating from or created in cooperation with Coventry University and the University of Warwick respectively, and both of these companies were successful in raising additional investment during 2018. ByzGen raised an additional £1.5m in 2018, bringing the total amount raised to £2m. CyberOwl secured an additional £1m. Crossword has commercial revenue generating relationships, royalty arrangements or equity stakes with both of these companies.

The outlook for Crossword is positive. A recent government report estimated that the UK cyber security sector’s total revenue was £5.7Bn as at FY 2015/16 and it has continued growing since then. Crossword estimates that the potential addressable market for Rizikon Assurance alone is £300m per annum across 10,000 companies. Over the coming year, the Company intends to focus on sales and marketing activity across product and consulting, to drive up revenue rapidly.

Crossword’s success is a direct function of the commitment and skill of our staff and the support of our customers and university partners. I would like to take this opportunity to thank everyone who has enabled us to achieve fantastic results this year, as we prepare for the next stage of our growth journey.

TomIlubeCBEChiefExecutiveOfficerCrosswordCybersecurityPLC12 April 2019

6


PerformanceReview

FinancialReviewFINANCIAL POSITIONCrossword Cybersecurity plc finished the year with a strong cash balance of £2.2m.

RESULTSYear on year revenue increased by 45% to £1.07m, with SaaS (Software as a Service) revenue increasing by more than 100%. For the first time Crossword reported a (small) gross profit. Total Comprehensive Loss for the year was £2.2m.

Total cost of sales and administrative expenses increased by over £1.3m, driven mainly by staff costs and professional fees.

Total staff costs increased by over £560k, due to increases in staff numbers. Increases were across many departments, with the primary objective to achieve commercialisation of Rizikon. During 2018, the sales team was increased by five staff in April, our Finance Director joined in May and the HR Manager came on board in August.

85% of the £514k increase in professional fees was due to fees relating to the AIM listing.

Property related expenses increased by £88k. During 2018, both the UK and Polish offices moved. The UK office, which continues to be located in Richmond, Greater London, relocated in April 2018, from a serviced office to a sublet, with the capacity to allow for future growth in staff numbers. The Polish office, which continues to be located in Krakow, Poland, relocated in August 2018, to a leased property which also provides capacity for future growth.

Other costs such as training, travel, telephone, IT etc, increased, primarily as a result of the increase in staff numbers.

FUNDS RAISEDOn admission to AIM on 14 December 2018, Crossword raised £2.0m. Earlier in the year, in March 2018, Crossword raised £2.16m.

CASHFLOWSNet cash inflows in 2018 were £1.7m. Excluding proceeds from issue of ordinary shares, net cash outflows were £2.3m (£1.1m in 2017).

TAXATIONThe Group continues to claim Research and Development tax credits, with £192k accounted for in 2018 (£98k in 2017).

KPIsAs part of the new phase of commercialisation, the Group has introduced KPIs which are measured monthly. These include:

• Pipeline for Rizikon Assurance, measured gross and weighted, number of opportunities, and expected close date;

• Pipeline for Consulting, measured gross and weighted, number of opportunities, and expected close date;

• Contracts signed per month;

• Average contract value;

• Chargeability of Consulting staff;

• Recoverability of Consulting clients;

• Staff numbers by division.

As budgets were not established for these metrics for 2018, and there are no comparable figures, these KPIs will be reported in the 2019 Annual Report.

7


PrincipalRisks

The Board has overall responsibility for ensuring that risk is appropriately managed throughout the business. The Board is aware of the need to conduct regular risk assessments to identify any deficiencies in the controls currently operating over all aspects of the Company.

Risks to the achievement of strategic objectives are identified by the Executive Committee. The degree of risk is evaluated with reference to the impact and probability of the risk, considering inherent and residual risk. The Executive considers the nature and extent of the risks, the threat of such risks becoming reality, the ability to reduce the incidence and impact on its business if the risk materialises, and the costs and benefits resulting from operating relevant controls.

A Risk Register is prepared and regularly reviewed by the Executive Committee, and shared with the Audit Committee for independent review and robust challenge. The Risk Register includes a plan for mitigation of risks above the risk appetite of the business.

RisksrelatingtotheGroupandtheindustryinwhichitoperatesINTELLECTUAL PROPERTY ACQUISITION AND DEVELOPMENTCrossword acquires intellectual property (IP) rights from universities via licensing and IP transfer arrangements and then develops this IP into commercial products. Failure to secure good quality IP deals and to quickly and appropriately meet new cyber security challenges, will make it difficult for the Group to generate new products.

The success of this strategy depends on the ability of Crossword to source suitable IP and use its expertise in business management, marketing and product development to build solutions attractive to its potential customer base. Ultimately, Crossword will only succeed if it is able is to design, develop and sell new software solutions in a timely fashion that deliver operational reliability and effectiveness.

TECHNOLOGICAL CHANGESGenerally, product markets are exposed to rapid technological change, changes in use, changes to customer requirements and preferences, services employing new technologies and the emergence of new industry standards and practices. The Group operates in a market with such changes which have the potential to render the Group’s existing technology and products obsolete or uncompetitive.

To successfully remain competitive, the Group must ensure continued product improvement and the development of new markets and capabilities to maintain a pace congruent with changing technology. This added strain may stretch the Company’s capital resources which may adversely impact the revenues and profitability of the Company. The Company’s success is dependent on the ability to effectively respond and


8

PrincipalRiskscontinued

adapt to technological changes and changes to customer preferences. There can be no assurance that the Company will be able to effectively anticipate future technological changes or changes in customer preferences. Furthermore, there is also no assurance that the Company will have sufficient financial resources to effectively respond in a timely manner if such a change is anticipated.

REPUTATIONAL RISKSAs a cyber security company, Crossword is very conscious of its external reputation. If the Group is compromised as a result of a cyber incident, it would impact its clients’ confidence. Crossword has an experienced cyber security expert acting as its Chief Information Security Officer (CISO) and a strong technical team who actively seek to mitigate threats. Nonetheless, should an event take place which adversely affects the reputation of the Group, its future prospects and value could suffer.

COMPETITIONThere is no guarantee against new entrants or current competitors providing superior technologies, products or services to the market. There is no certainty that new entrants or current competitors will not provide equivalent products for a lower price. The Company may be forced to make changes to one or more of its products or to its pricing strategy to effectively respond to changes in customer preferences in order to remain competitive. This may impact negatively on the Company’s financial performance.

The Group’s consulting division operates in an environment that includes large international accounting firms and consultancies and a number of smaller niche players. There are very low start-up costs for any new entrant into the market and the Group cannot prevent any person or organisation from seeking to compete with it. There is a risk that an

existing competitor or a new entrant may, over time, be able to win work from the Group’s existing and future customers. In addition, larger competitors may, in the future, adopt more aggressive expansion strategies, which could include hiring additional experienced consultants and changing their business model and service offering to one that is directly comparable to that of the Group. This could, in theory, result in a material loss of customers from the Group to larger competitors and, therefore, have a material adverse impact on the financial performance of the Group.

KEY SYSTEM FAILURE, DISRUPTION OR INTERRUPTIONThe Company’s reliance on technology exposes it (the Company) to a significant risk in the event that such technology, or the Company’s systems, experience damage, interruption or failure in some form. A malfunctioning of the Company’s technology and systems, or those of key parties, could result in a diminished confidence in the Company’s services, resulting in a consequential material adverse effect on the Company’s operations and results.

DEPENDENCE ON THIRD PARTIES AND BUSINESS CONTINUITYKey components of Crossword’s technology platform may be dependent upon the continuing availability of a particular supplier.

The software development environment or data processing platforms may become unavailable for an extended period of time, thereby disrupting customers’ experience of Crossword’s products and services.

Crossword’s business is at risk from disruption of key systems and assets upon which it depends. The functioning of the IT systems on which it relies could be disrupted for reasons


9

either within or beyond its control, including, but not limited to: accidental damage; disruption to the supply of utilities or services; security breaches; extreme weather events; systems failure or workforce actions. There is a risk that such disruption may materially and adversely affect Crossword’s ability to offer services to customers and, therefore, materially and adversely affect its reputation, performance or financial condition.

ABILITY TO RECRUIT AND RETAIN SKILLED PERSONNELThe Company believes that it has the appropriate incentive structures to attract and retain the calibre of employees and contractors necessary to ensure the efficient management and development of the Company. However, any difficulties encountered in hiring, and retaining, appropriate employees and/or contractors and the failure to do so, or a change in market conditions that renders current incentive structures lacking, may have a detrimental effect upon the trading performance of the Company. The ability to attract new employees and contractors with the appropriate expertise and skills cannot be guaranteed.

FINANCIAL CONTROLS AND INTERNAL REPORTING PROCEDURESThe Company’s future growth and prospects will depend on its ability to manage growth and to continue to maintain, expand and improve operational, financial and management information systems on a timely basis, whilst at the same time maintaining effective cost controls. Any damage to, failure of or inability to maintain, expand and upgrade effective operational, financial and management information systems and internal controls in line with the Company’s growth could have a material adverse effect on the Company’s business, financial condition and results of operations.

GeneralbusinessrisksTAXATION RISKThe Company is subject to taxation and the application of such taxes may change over time due to changes to legislation, regulations or interpretations by the relevant tax authorities. Whilst no material changes are anticipated in such taxes, any such changes may have a material adverse effect on the Company’s financial condition and results of operations.

The continuing status of the ordinary shares as a qualifying holding for VCT and EIS purposes will be conditional, amongst other things, on the qualifying conditions being satisfied throughout the period of ownership. There can be no assurance that the Company will continue to conduct its activities in a way that will secure or retain qualifying status for VCT and/or EIS purposes.

COUNTERPARTY CREDIT RISKThere is a risk that parties with whom the Company trades or has other business relationships (including partners, customers, suppliers, subcontractors and other parties) may become insolvent. This may be as a result of general economic conditions or factors specific to that company. In the event that a party with whom the company trades becomes insolvent, this could have an adverse impact on the revenues and profitability of the Company.


10

PrincipalRiskscontinued

LEGAL RISKLegal risks include the inability to enforce security arrangements, an absence of adequate protection for intellectual property rights, an inability to enforce foreign judgements relating to contracts entered into by the Company that are governed by law outside England and Wales, absence of a choice of law, and an inability to refer disputes to arbitration or to have a limited choice with regard to arbitration rules, venue and language.

Mitigation measures for these risks may also be limited.

INSURANCE RISKThere can be no certainty that the Group’s insurance cover is adequate to protect against every eventuality.

The occurrence of an event for which the Group did not have adequate insurance cover could have a materially adverse effect on the Group’s business, revenue, financial condition, profitability, results, prospects and/or future operations.

ECONOMIC CONDITIONSThe Group could be affected by unforeseen events outside its control including economic and political events and trends, inflation and deflation or currency exchange fluctuations, potentially driven by Brexit. Any economic downturn, either globally or locally, in any area in which the Group operates may have an adverse effect on the demand for the Group’s products and services. A more prolonged economic downturn may lead to an overall decline in the volume of the Group’s activities and sales, restricting the Group’s ability to realise a profit. The markets in which the Group offers its services are directly affected by many national and international factors that are beyond the Group’s control.

CURRENCY EXCHANGE RISKThe Group’s functional currency is sterling. One subsidiary, Crossword Cybersecurity Sp. Z.o.o is based in Poland. Crossword Cybersecurity Sp. Z.o.o, where the functional currency is zloty, accounts for approximately 16 per cent of the total costs of the business. Exposure to this and other exchange rates may affect the Company’s results. The Company may consider implementing policies to limit its currency exposure, and will consider currency hedging instruments when they prove to be available and cost effective.

Market Opportunity


11

[Intentionally Left Blank]

CROSSWORDCYBERSECURITYCREATINGCYBERSECURITYPRODUCTS

STRATEGIC REPORT GOVERNANCE FINANCIAL STATEMENTS2018 A

NN

UA

LRE

PO

RT&

AC

CO

UN

TS2. CO

RP

OR

ATE GO

VER

NA

NC

E

REVENUE

£1.07mCROSSWORDCYBERSECURITYCREATINGCYBERSECURITYPRODUCTS

14


TheBoard

SirRichardDearloveKCMGOBE,Non-ExecutiveChairmanAppointment Date: 1st September 2016

SkillsandExperience:Sir Richard brings to the Board extensive experience across government, education and global business. Sir Richard joined MI6 in 1966 undertaking various overseas and head office roles before being promoted to Chief of the Secret Intelligence Service in 1999. He retired from the Service in 2004.

Externalappointments:Sir Richard is presently Chair of Trustees of University of London, Chairman of Ascot Underwriting Limited at Lloyd’s of London and a Director of Kosmos Energy, the New York Stock Exchange listed oil and gas exploration Company. He also holds several advisory roles.

MaryDowd, FinanceDirectorAppointment Date: 14th June 2018

SkillsandExperience:Mary was most recently Chief Operating Officer for Europe, the Middle East and Africa, and previously Chief Financial Officer at Cordium Consulting Group Limited, a leading provider of governance, risk and compliance services, with operations in London, Hong Kong, Malta, New York, Boston and San Francisco.

Mary brings over 20 years’ experience of working alongside business leaders. She has demonstrated a track record of managing finance teams to ensure timely delivery of relevant financial information to all stakeholders, providing clear leadership, continuous process improvement, and excellent communication.

She also brings to Crossword extensive experience of working in acquisitive businesses and providing transactional support.

Mary graduated from University College Galway, Ireland and has a post graduate Diploma in Business Studies from the same university. She is an associate member of the Chartered Institute of Management Accountants.

Externalappointments:None.

ThomasIlubeCBE, ChiefExecutiveOfficerAppointment Date: 6th March 2014

SkillsandExperience:Tom is founder and CEO of Crossword. Tom served as Chief Information Officer of Egg Banking plc, which at the time was a pioneering main market listed UK internet bank. Tom chaired the UK Government Technology Strategy Board’s Network Security Innovation panel. He was a member of the High Level Expert Group on Cyber security at the International Telecommunication Union (ITU), a Geneva based UN-agency. He was awarded a Doctor of Science (Honoris Causa) by City, University of London, an Honorary Doctor of Technology by the University of Wolverhampton and was appointed a CBE in the 2018 Birthday Honours for services to Technology and Philanthropy.

Externalappointments:Non-Executive Director of the BBC, member of Royal Bank of Scotland’s Technology Advisory Board and Advisory Fellow of St Anne’s College, Oxford.

RuthAnderson,IndependentNon-ExecutiveDirectorAppointment Date: 1st February 2018

SkillsandExperience:Ruth has over 15 years’ experience in the fields of security, intelligence, cybercrime and risk management.

She brings to the Board extensive experience across defence and law enforcement sectors and within financial services, developing and implementing cyber risk governance frameworks.

Ruth is currently head of Technology Risk at Lloyds Banking Group. She was previously a Director of Cyber in the Financial Services Department of KPMG. She served as the Head of Specialist Operational Support and also as the Head of Intelligence at the Child Exploitation and Online Protection Centre, where she delivered the first ever strategic threat assessment on child abuse in the online environment.

Prior to this, Ruth served in intelligence and security in the British Army.


The Directors in office during the year and at the date of this report are as shown below:


15

ProfessorDavidStupples,Non-ExecutiveDirectorAppointment Date: 16th June 2014

SkillsandExperience:David is currently Director of the Centre for Cyber and Security Sciences at City University London. In his early career, he was employed as an engineer in signals intelligence in the Royal Air Force followed by a period of intensive research into surveillance systems at the Royal Signal and Radar Establishment, Malvern. He spent three years developing highly secure communications for surveillance satellites for Hughes Aircraft Corporation in the United States of America. Later, he became a senior partner with PA Consulting Group where he undertook surveillance and intelligence systems research for Ministry of Defence (Navy) and was responsible for consultancy in secure communications and surveillance systems for world-wide clients.

Since 2003, David has been researching internet security at City University focused on cyber terrorism and organised cyber crime for both the UK Government and commercial companies. However, he still maintains an active interest in radar surveillance research.

Externalappointments:Professor Stupples is a member of the Defence Scientific Advisory Council (DSAC) and the Defence Procurement Agency’s Independent Advisory Board on Systems Integration.

DrDavidSecher,IndependentNon-ExecutiveDirectorAppointment Date: 16th June 2014

SkillsandExperience:David is an international expert in intellectual property technology transfer and research management. His experience includes Japan, Jordan, South Africa, Brazil, Chile, Australia, Argentina, India, Saudi Arabia and Lebanon as well as Europe and the USA. Dr Secher is a Life Fellow and until recently was Senior Bursar at Gonville & Caius College, Cambridge where he was responsible for the investment of a £210 million endowment.

David is Patron of PraxisAuril (formerly PraxisUnico) and Past Chairman of PraxisUnico. Until 31 October 2013, he was co-founder and chairman of Praxis Courses Limited, the leading UK technology transfer training programme. He served as Director of Research Services, University of Cambridge where he was responsible for creating and directing a new division of 80 staff, for designing and implementing an IP policy for the University and for technology transfer throughout the University resulting in £2 million licensing revenue, 40 new licences and six spin outs per year.

David was Chief Executive of N8 Limited, a consortium of eight research led universities in the North of England, securing initial funding of £6m from Regional Development Agencies. His earlier career was in molecular biology research with MRC Laboratory of Molecular Biology, Celltech Limited and Cancer Research Campaign (now Cancer Research UK). Dr Secher held or was named on three patents and is the holder of the Queen’s Award for Enterprise Promotion (2007) for creating “environments that favour enterprise, specialising in the practical aspects of commercialising the results of academic research”.

Externalappointments:Dr Secher is a Director of Cambridge KT Ltd, Trustee of Cambridge United Charities and Chairman of Fitzwilliam Museum (Enterprises) Ltd.

16


AndyGueritz,IndependentNon-ExecutiveDirectorAppointment Date: 21st September 2015

SkillsandExperience:Andy is an experienced Senior Advisor with a successful track record in helping clients improve and transform their business by managing technology better and creating new technology-based ventures. As a Vice President at marchFIRST (formerly Mitchell Madison Group), Andy led the European B2B e21 Commerce Strategy and IT Strategy Practices. Before becoming a consultant, he attained Board level responsibility in a successful career in software development and systems implementation.

At K2 Systems plc (subsidiary of 4Front Technology Inc.), he was Customer Service and Development Director, responsible for all client service and delivery operations, amongst other roles. Notable systems implemented in his time at K2/4Front include, bespoke procurement, telesales and billing systems; a call centre based on workflow and CTI technologies; and a client-server insurance claims handling system, incorporating document image processing. Prior to 4Front, Andy was a Development Executive at McDonnell Douglas Information Systems and also worked for Marconi Defence Systems on a number of electronic warfare and guided weapons projects.

Andy is a Chartered Fellow of the BCS (FBCS), Chartered IT Practitioner (CITP), Chartered Engineer (C.Eng), Fellow of the IET (FIET), and a European Engineer registered at FEANI. He holds a First Class Honours degree in Electrical and Electronic Engineering with Computer Science from Queen Mary University of London.


GordonMatthew, Non-ExecutiveDirectorAppointment Date: 24th June 2015

SkillsandExperience:Until recently, Gordon was Interim Managing Director at Arden Group Limited, a mid-market unified communications and IT services provider. Arden was successfully sold to Babble Cloud on 19 October 2018. He recently became Non-Executive Chairman of Flow Communications Limited, experts in designing, building, implementing and supporting customers’ global IT infrastructure requirements.

Previously, Gordon served as Chief Executive Officer of Azzurri Communications Limited and was responsible for ensuring that it met its financial and growth targets. He has served as the Chief Executive Officer of Ramesys (later RedSky IT) Holdings Limited where he was responsible for the successful turnaround, growth and exit of the business through two significant transactions in December 2005 and January 2007.

Gordon has over 20 years’ IT experience with broad experience of software applications, services, large bespoke developments and telecommunications. He also spent five years at Software AG (UK) where he oversaw all aspects of product and service delivery.

Externalappointments:Gordon currently acts as Non-Executive Consultant to Adventoris Limited and Ensign Communications Limited. Gordon was the Non-Executive Chairman of Intrinsic Technology Limited from October 2011 to August 2017, m-hance Limited from May 2014 to August 2016, and Science Warehouse from June 2016 to February 2018. Gordon is also Non-Executive Chairman at Flow Communications Ltd.

TheBoardcontinued


17

CorporateGovernanceReport

Chairman’sIntroductionThe Directors acknowledge the importance of high standards of corporate governance and have adopted the principles set out in the Quoted Companies Alliance Corporate Governance Code for Small and Mid-Size Quoted Companies (the “QCA Code”) 2018, given the Group’s size and the constitution of the Board. The QCA Code sets out a standard of minimum best practice for small and mid-size quoted companies, particularly AIM companies.

The Chairman and the Board accept the importance and responsibility of setting good corporate culture, values and behaviours. The Board also acknowledges its responsibility in delivering the long-term success of the Company for the benefit of shareholders and other stakeholders.

This Corporate Governance Report describes how the Company has applied the principles and standards set out in the Code during the year and, to the extent it has not done so, any deviations from them. It is the Board’s view that the Company has complied with all of the provisions of the Code during the year ended 31 December 2018.

Principle1:Establishastrategyandbusinessmodelwhichpromotelong-termvalueforshareholdersThe Company’s strategy report is on pages 2 to 11 of this report.

The Company’s objective is to be the European leader in commercialising cyber security research originating from universities. The Company does this by acquiring IP rights through licences from universities and working with the university partners to develop the research concept into a fully-fledged commercial product that it then takes to market.

Where appropriate, Crossword will transfer the IP to separate companies in which it will retain a commercial interest. So far, Crossword has been instrumental in the development of two such companies, ByzGen Limited and CyberOwl Limited.

Principle2:SeektounderstandandmeetshareholderneedsandexpectationsCrossword is committed to engaging with its shareholders to ensure that its strategy, business model and performance is clearly understood. The Company communicates with shareholders and potential investors through a variety of channels, including regular financial reporting, direct contact with its major shareholders and release of regulatory announcements, which are available on its website.

Regulatory announcements include details of the Company’s website and the relevant contact at the Company, as well as its professional advisors.

The Annual General Meeting (AGM) provides another opportunity for dialogue between shareholders and the Board. The Chair of the Board and of the Committees, together with other Directors, routinely attend the AGM and are available to answer questions raised by the shareholders. At the meeting, each vote, the number of proxy votes received for, against and withheld is announced. The results of the AGM are subsequently published on the Company’s website and released via a regulatory information service provider.

A range of corporate information, including all Company announcements, is also available to shareholders, investors and the public on the Company’s corporate website, www.crosswordcybersecurity.com.

18


Principle3:Takeintoaccountwiderstakeholderandsocialresponsibilitiesandtheirimplicationsforlong-termsuccessApart from our shareholders, our most important stakeholder groups are our employees, our partners, our clients and the universities we work with. The Board receives regular updates from executives on stakeholder feedback and their potential impact on our business to enable them to understand and consider this feedback in decision-making. The Board understands that maintaining the support of all its stakeholders is paramount for the long-term success of the Company.

EMPLOYEESCrossword aims to provide an environment which will attract, retain and motivate its team. The Company has a small number of permanent staff employed across the UK and Poland and, therefore, employee engagement with the senior management, who pride themselves on their availability and flexibility, is frequent through daily discussions and meetings. Staff are encouraged to give regular feedback in relation to their needs, interests and expectations on away days, general discussions or one-to-one meetings with their line managers. These can then be addressed at the fortnightly management meeting with all senior members of the team, where further actions will be discussed. Furthermore, the team engages in a weekly call where staff are able to communicate with all levels of the team across both countries.

Crossword reviews its processes and policies, which are guided by the principles of fairness and integrity, to make continuous improvements for its staff. The Company is currently exploring further methods of obtaining feedback from its staff, including employee opinion surveys, exit interviews in the event people decide to leave the business, and follow up interviews with new employees. Crossword is supportive of the career development of its employees and provides training programmes and Masters opportunities where appropriate.

CROSSWORD’S PARTNERSCrossword develops mutually beneficial commercial relationships with companies to support sourcing and commercialising cyber security intellectual property originating from university research projects, and evaluating potential routes to distributing and reselling its products. Crossword recognises that the establishment of a close working relationship with its partners is essential for its long-term success.

Crossword maintains its relationship with its partners through regular meetings, mutual understanding and aligned objectives. Feedback from partners is communicated to the relevant teams and the Board as appropriate.

UNIVERSITIESCrossword has excellent connections with universities in the UK and elsewhere through members of the Board and Management, who include some of the most highly regarded experts in IP commercialisation and the cyber security sector. Crossword maintains regular interaction with the universities with which it engages. This is predominantly achieved by digital means (e.g. frequent email exchanges and video calls), in which both parties can feedback to one another to ensure their needs are being met. The team also has face-to-face meetings with academics and works alongside universities at various events, such as talks and conferences. This continuous engagement with universities is paramount to the long-term success of the Company, due to its principal objective.

CorporateGovernanceReportcontinued


19

Principle4:Embedeffectiveriskmanagement,consideringbothopportunitiesandthreats,throughouttheorganisationAUDIT, RISK AND INTERNAL CONTROLFinancial controlsThe Company has an established framework of internal financial controls, the effectiveness of which is regularly reviewed by the Executive Management, the Audit Committee and the Board, in light of an ongoing assessment of significant risks facing the Company.

• The Board is ultimately responsible for the effectiveness of the Group’s system of internal controls. Its key strategy has been to establish financial reporting procedures that provide the Board of Directors with a reasonable basis upon which to make judgements as to the financial position and prospects of the Group. Executive Directors and Non-Executive Directors have been appointed by the Board to assist with the implementation of this strategy and report progress to the Board.

• The Audit Committee has the primary responsibility for monitoring the quality of internal controls to ensure that the financial performance of the Group is properly measured and reported on. It receives and reviews reports from the Group’s management and external auditors relating to the interim and annual accounts and the accounting and internal control systems in use throughout the Group. The Audit Committee meets not less than three times in each financial year and has unrestricted access to the Group’s external auditors.

• Regular budgeting and forecasting is conducted to monitor the Company’s ongoing cash requirements and cash flow forecasts are circulated to the Board.

• The Company has a Risk Register which identifies the potential possibility and impact of risks associated with the Company and allocates an owner to mitigate each risk. The Risk Register is updated by the Finance Director and reviewed by the Executive team, the Audit Committee and the Board.

Non-financial controlsThe Board has ultimate responsibility for the Group’s system of internal control and for reviewing its effectiveness. However, any such system of internal control can provide only reasonable, but not absolute, assurance against material misstatement or loss. The Board considers that the internal controls in place are appropriate for the size, complexity and risk profile of the Group. The principal elements of the Group’s internal control system include:

• Close management of the day-to-day activities of the Group by the Executive Directors;

• An organisational structure with defined levels of responsibility, which promotes entrepreneurial decision-making and rapid implementation whilst minimising risks;

• Central control over key areas such as capital expenditure authorisation and banking facilities;

• A comprehensive annual budgeting process producing a detailed integrated profit and loss, balance sheet and cash flow, which is approved by the Board; and

• Detailed monthly reporting of performance against budget.

The Group continues to review its system of internal control to ensure compliance with best practice, whilst also having regard to its size and the resources available.

STANDARDS AND POLICIESThe Board is committed to maintaining appropriate standards for all the Company’s business activities and ensuring that these standards are set out in written policies. Key examples of such standards and policies include:

• Anti-bribery and Corruption Policy

• Information Security Policy

• Data Protection Policy

• Share Dealing Code.

All policies are documented and senior managers are responsible for monitoring the compliance of these policies.

APPROVAL PROCESSAll contracts are required to be reviewed and signed by a Director of the Company.

20


Principle5:MaintainingtheBoardasawell-functioning,balancedteam,ledbytheChairCOMPOSITION, QUALIFICATION AND INDEPENDENCE OF THE BOARDThe Board comprises of six Non-Executive and two Executive directors. The names and responsibilities of the current Directors, together with their biographical details, are set out on page 14.

The Board considers each of the Non-Executive Directors to be independent in character and judgement. Two of the Non-Executive Directors do not meet the strict criteria for independence set out in the QCA Code, due to their ownership of ordinary shares and their participation in the Company’s share option arrangements, as part of their remuneration arrangements.

The Board considers that the ownership of shares and participation in the Company’s share options to certain of the Non-Executive Directors encourages the alignment of their interests with those of the Company’s shareholders and are not material enough to compromise their independence, character and judgement. Therefore, the Company considers all Non-Executive Directors to be independent for the purposes of the QCA Code.

The Non-Executive Directors provide independent, robust and constructive challenge to the Executive Management and monitor the performance of the management team in delivering the agreed objectives.

All Directors have disclosed their other significant commitments and confirmed that they have sufficient time to discharge their duties effectively.

APPOINTMENT AND TENUREThe Board makes decisions regarding the appointment and removal of Directors and there is a formal, rigorous and transparent procedure for appointments, some of which has been delegated to the Nomination Committee. Appointments are made on merit, taking account of the balance of skills, experience and knowledge required.

The Company’s Articles of Association require that all Directors retire by rotation at regular intervals and that any new Directors appointed during the year must stand for election at the AGM immediately following their appointment.

Principle6:Ensurethat,betweenthem,theDirectorshavethenecessaryup-to-dateexperience,skillsandcapabilitiesThe names and responsibilities of the current Directors, together with their biographical details, are set out on pages 14-16.

The Board believes that its composition brings a desirable range of skills and experience in light of the Group’s challenges and opportunities following Admission, while at the same time ensuring that no individuals or a small group of individuals can dominate the Board’s decision making.

The current Board, although considered to have a sufficient level of skills in all areas of the business, is always looking to improve and further its knowledge of the industry. All Directors receive regular and timely information on the Group’s operational and financial performance and on technical issues.

INDUCTIONUpon appointment, all Directors are provided with training in respect of their legal, regulatory and governance responsibilities and obligations, in accordance with the UK regulatory regime.

The induction includes face-to-face meetings with Executive Management and site visits to orientate and familiarise the new Directors with Company’s industry, organisation, business, strategy, commercial objectives and key risks.

The Board is kept up to date on legal, regulatory and governance matters at Board meetings. Additional training is available on request, where appropriate, so that Directors can update their skills and knowledge as applicable.

25+75+ADIVERSITY

Female 25% Male 75%



21

INDEPENDENT ADVICE All Directors are able to take independent professional advice in the furtherance of their duties, if necessary, at the Company’s expense. In addition, the Directors have direct access to the advice and services of the Company Secretary and Finance Director.

Principle7:EvaluateBoardperformancebasedonclearandrelevantobjectives,seekingcontinuousimprovementBOARD EVALUATIONGiven the Company’s recent admission to AIM, the Directors did not consider it appropriate to undertake an evaluation of the Board and its Committees during the year under review. The Board has put in place a formal process for the annual performance evaluation of the Board, its committees and individual Directors going forward. Such evaluation of the Board and its committees will primarily be undertaken by the Nominations Committee.

The Committee will regularly review the structure, size and composition (including the skills, knowledge, independence, experience and diversity) of the Board and make recommendations concerning plans for succession for both Executive and Non-Executive Directors and in particular for the key roles of Chairman and Chief Executive Officer.

Principle8:PromoteacorporateculturethatisbasedonethicalvaluesandbehavioursThe Board is committed to promoting a strong ethical and values driven culture throughout the Company and has a people-oriented ethos where hard-work and commitment is recognised.

During 2018 Crossword appointed a HR Manager to oversee the culture, values and behaviour of the Company and the Executive team is transparent with their staff regarding the behaviours they expect of each other. Crossword also recognises that employees will have interests outside work and consequently supports flexibility around these interests.

Principle9:Maintaingovernancestructuresandprocessesthatarefitforpurposeandsupportgooddecision-makingbytheBoardTHE ROLE OF THE BOARDThe Board is responsible for the long-term success and strategic leadership of the Group It is responsible for reviewing, formulating and approving the strategy of the Group and its subsidiaries, corporate actions and overseeing the Group’s progress towards its goals. In addition, it also approves the annual and interim results and monitors the exposure to key business risks. The Board’s full responsibilities are set out in a schedule of matters reserved for the Board.

The matters reserved for the attention of the Board include:

• The approval of interim and annual financial statements, dividends and significant changes in accounting practices;

• Review of bi-monthly financial statements;

• Board membership, reviewed by NOMAD, and powers including the appointment and removal of Board members, determining the terms of reference of the Board and establishing the overall control framework;

• AIM related issues including the approval of communications to the London Stock Exchange and communications with shareholders will be dealt with by the Market Disclosure Committee and reviewed by the NOMAD, or delegated by the Board to the Executive Directors;

• Senior management, remuneration, contracts, and the grant of share options will be addressed by the Remuneration Committee;

• Key commercial matters where the financial commitment is in excess of £50,000 per annum;

• Taking of loans or other credit;

• Financial matters including the approval of the budget and financial plans and performance against such plans and budgets;

• Approval of the appointment of the current period auditor, year-end audited statutory accounts and audit related queries addressed by the Audit Committee;

• Risk management review;

• Changes to the Company’s capital structure, its business strategy, acquisitions and disposals of businesses, and capital expenditures outside of budget approval; and

• Other matters including, but not limited to, health and safety policy, insurance and legal compliance.

22


ROLE OF THE CHAIRMAN AND CHIEF EXECUTIVE OFFICERThere is a clear division of responsibility at the head of the Company. The Chairman is responsible for running the business of the Board and for ensuring appropriate strategic focus and direction, whilst the Chief Executive Officer is responsible for proposing the strategic focus to the Board, implementing it once approved, and overseeing the management of the Company through the Executive Team. The Chief Executive Officer is also responsible for communicating with shareholders, assisted by the Finance Director. This separation of responsibilities is clearly defined and agreed by the Board.

BOARD AND COMMITTEE MEETINGSThe Board meets at least six times each year, in accordance with its scheduled meeting calendar (these may be supplemented by additional meetings as and when required) to review, formulate and approve the Group’s strategy, budgets, corporate actions and oversee the Group’s progress towards its goals. At each meeting, the Board considers a number of matters, which include technical, operational, financial, risk and corporate governance reports, in addition to an update from its Committees, where applicable.

Any Director can challenge proposals and decisions are taken democratically after discussion. Any Director who feels that any concern remains unresolved after discussion may ask for that concern to be noted in the minutes of the meeting, which are then circulated to all Directors. Specific actions arising from such meetings are agreed by the Board or relevant committee and then followed up by Management.

The table below sets out the attendance record of individual Directors at the scheduled and unscheduled Board meetings held during the year:

Name Board Meeting Audit CommitteeRemuneration

Committee

Sir Richard Dearlove 4/8 - -

Thomas Ilube 8/8 - -

Mary Dowd* 5/6 - -

Ruth Anderson 7/8 - -

David Stupples 5/8 - 2/2

David Secher 8/8 1/1 2/2

Gordon Matthew 4/8 1/1 -

Andy Gueritz 8/8 1/1 2/2

* Appointed during the year.

The Group has established an Audit Committee, a Remuneration Committee, a Nomination Committee and a Market Disclosure Committee, each with formally delegated duties and responsibilities outlined within terms of reference reviewed and approved by the Board on an annual basis

From time to time, separate committees may be set up by the Board to consider specific issues when the need arises.

The Board and its Committees are supported by the Company Secretary, who ensures that the Board receives regular and timely information ahead of each meeting. A formal agenda is produced for each meeting and the Company Secretary distributes papers several days before meetings take place to provide the Board with sufficient time to consider the matters to be discussed. Each Committee has access to such resources, information and advice as it deems necessary, at the cost of the Company, to enable it to discharge its duties.



23

Principle10:CommunicatehowtheCompanyisgovernedandisperformingbymaintainingadialoguewithshareholdersandotherrelevantstakeholdersThe Board attaches considerable importance to the maintenance of constructive relationships with shareholders and its other stakeholders.

As mentioned above, the Company communicates with shareholders through the Annual Report and accounts, full-year and half-year results announcements, the AGM and one-to-one meetings with large existing or potential new shareholders. The Company regularly releases regulatory and other announcements covering operational and corporate matters.

A range of corporate information (including all Company announcements) is also available to shareholders, investors and the public on the Company’s corporate website, www.crosswordcybersecurity.com including:

• Our Articles of Association and admission document;

• A detailed account of how we have applied the principles of the QCA Code;

• Latest Crossword Cybersecurity news and press releases;

• Annual and Interim Reports.

The Board receives regular updates on the views of shareholders through briefings from the Chief Executive Officer, Finance Director and the Company’s brokers.

The Company is currently exploring further methods of obtaining feedback from its staff, including employee opinion surveys, exit interviews in the event people decide to leave the business, and follow up interviews with new employees.

AuditCommitteeReportI am pleased to present the Committee’s report for the year ended 31 December 2018. The following pages provide an insight into how the Committee discharged its responsibilities during the year and the key topics that it considered in doing so.

The role of the Audit Committee is to monitor the integrity of the Group’s Financial Statements, including its annual and half-yearly reports and any other formal statements relating to its financial performance. It monitors and reviews the effectiveness of the Group’s system of internal financial control systems that identify, assess, manage and monitor financial risks, and other internal control and risk management systems.

COMMITTEE MEMBERSHIP AND GOVERNANCEThe Audit Committee is comprised of two independent non-executive directors, currently David Secher and Andrew Gueritz, and David Secher is considered by the Board to have recent and relevant financial experience. The Committee as a whole has competence relevant to the sector in which the Company operates. At the request of the Chair of the Committee, the Chief Executive Officer, Finance Director and other members of the senior management team are also invited to attend meetings.

The Audit Committee will meet not less than three times in each financial year and has unrestricted access to the Group’s external auditors. The Committee works to a planned programme of activities focused on key events in the annual financial reporting cycle and standing items that it considers regularly under its Terms of Reference.

PRINCIPAL ACTIVITIES DURING THE YEARThe Committee held one meeting during the year and considered the following:

• June 2018 six month Interim Accounts review.

The Committee is planning the following activities during 2019;

• Review the Company’s procedures for detecting fraud;

• Review the Company’s systems and controls for the prevention of bribery and receive reports on non-compliance;

• Review the adequacy and security of the Company’s arrangements for its employees to raise concerns, in confidence, about possible wrongdoing in financial reporting or other matters. The Committee shall ensure that these arrangements allow proportionate and independent investigation of such matters and appropriate follow up action;

• Review and approve the FY19 external audit plan, including the proposed materiality threshold, the scope of the audit, the significant audit risks and fees;

• Risk – review and challenge the Risk Register, and consider the risk appetite of the business.

The Committee members’ attendance at meetings during the year is set out on page 22 above.

24


EXTERNAL AUDITOR MHA MacIntyre Hudson has been the external auditor of the Group since 2014. The continued appointment of MHA MacIntyre Hudson is reviewed by the Committee each year, taking into account the relevant legislation, guidance and best practice appropriate for a Company of its size, nature and stage of development.

The Committee considers a number of areas when reviewing the external auditor appointment, namely its performance in discharging the audit, the scope of the audit and terms of engagement, its independence and objectivity, and its reappointment and remuneration.

The breakdown of fees between audit and non-audit services paid to MHA MacIntyre Hudson during the financial year is set out in Note 6 to the Group’s Consolidated Financial Statements. The non-audit fees relate to tax advice. The Audit Committee is satisfied that it was appropriate for the external auditor to carry out this work, and that it did not impair its independence or objectivity.

INTERNAL AUDITThe Group does not have an internal audit function. The Audit Committee presently considers this is appropriate, given the close involvement of the Executive Directors and senior management on a day-to-day operational basis. However, the need for an internal audit function will be kept under review by the Audit Committee on behalf of the Board.

DavidSecherChair,AuditCommittee12 April 2019



25

NominationCommitteeReportThe Nomination Committee is responsible for reviewing the composition of the Board taking into account the skills, experience and diversity of the Directors in light of the challenges and opportunities facing the Company and makes recommendations for the appointment and reappointment of Board members.

COMMITTEE MEMBERSHIP AND GOVERNANCEThe Nomination Committee is chaired by Andrew Gueritz and its other members are Ruth Anderson, Gordon Matthew and David Stupples. The Committee will meet at least twice a year and as otherwise required and comprises of not less than three members, at least two of whom are independent Non-Executive Directors.

SUCCESSION PLANNING AND BOARD EVALUATIONThe Nomination Committee recognises the importance of succession planning for Board renewal and in relation to key members of the executive team. However, given the Company’s recent admission to AIM on 14 December 2018, the Committee is yet to review or discuss the succession plans for the Company’s key Executives and Board members or conduct an evaluation of the Board and Committees. Going forward, the Committee will seek to develop and review on a regular basis the succession planning for both the Board and key members of Management.

DIVERSITYThe Company has not adopted a formal policy on diversity and, therefore, has no measurable objectives to disclose. Appointments, including appointments to the Board and senior management positions are made on merit, taking account of the balance of skills and experience required.

KEY AREAS OF FOCUS FOR 2019:• Review the structure, size and composition (including the skills, knowledge, experience and diversity) of the Board and make

recommendations to the Board as appropriate;

• Review the time commitment and independence of the Non-Executive Directors;

• Put in place succession plans for both Executive and Non-Executive Directors and, in particular, for the key roles of Chair and Chief Executive Officer; and

• Conduct an internal evaluation of the Board, its Committees and individual Directors, using questionnaires.

AndrewGueritzChair,NominationCommittee12 April 2019

26


RemunerationCommitteeReportThe Remuneration Committee is responsible for determining and agreeing with the Board the framework or broad policy for the remuneration of all Executive Directors, the Chairman of the Board, including pension rights and any compensation payments, and such other members of the senior management as it is designated to consider. In addition, the Committee makes recommendations to the Board on proposals for the granting of share options and other equity incentives, pursuant to any employee share option scheme or equity incentive plans in operation from time to time.

COMMITTEE MEMBERSHIP AND GOVERNANCEThe Remuneration Committee is a formal committee of the Board and has powers delegated to it under the Articles of Association. Its remit is set out in Terms of Reference formally adopted by the Board which are reviewed annually.

The Remuneration Committee is currently comprised of: Andrew Gueritz (as Chair), David Secher, David Stupples and Ruth Anderson. The Committee meets at least once in each financial year and held two meetings during the year.

The Committee members’ attendance at meetings during the year is set out on page 22 above.

LETTER OF APPOINTMENT, SERVICE CONTRACTS AND TERMINATIONThomas IIube (Chief Executive Officer)Tom Ilube is appointed as Chief Executive Officer under an executive service contract dated 1 April 2014 (as amended). The employment commenced on 1 April 2014 and will continue unless terminated by either party giving twelve months’ written notice. The Company may terminate the contract without notice (or with payment in lieu of notice) if, inter alia, Tom is guilty of gross misconduct, commits a serious breach of the employment contract, commits a criminal offence, is declared bankrupt or becomes of unsound mind. The Company may, after giving or receiving notice of termination, immediately end the employee’s employment and make payment in lieu of salary with no other benefit for the remaining period of notice.

Mary Dowd (Finance Director)Mary Dowd is employed as Finance Director under an employee service contract dated 10 May 2018. The employment commenced on 16 May 2018 and will continue unless terminated by either party giving six months’ written notice. The Company may terminate the contract on shorter notice if the employee is absent from work for an extended period through sickness or injury and may terminate without notice (or with payment in lieu of notice) if, inter alia, Mary is guilty of gross misconduct, commits a serious breach of the employment contract, commits a criminal offence, is declared bankrupt or becomes of unsound mind. The Company may, after giving or receiving notice of termination, immediately end the employee’s employment and make payment in lieu of salary with no other benefit for the remaining period of notice. Following termination of employment, Mary is subject to certain restrictions for a period of six months, including a restriction on dealing with the Company’s customers and suppliers and from working for a competing business.

Non-Executive DirectorsAll Non-Executive Directors, including the Chairman serve on the basis of letters of appointment which are terminable by three months’ written notice and are available for inspection at the Company’s registered office. Subject to continued satisfactory performance, the Board does not think it appropriate at this time to limit the term of appointment of the Non-Executive Directors. The Executive Directors’ service contracts are also available for inspection at the Company’s registered office.



27

The remuneration of the Directors who served during the year was as follows:

Directors’ remunerationBasic Salary and

feesBonus£’000

Taxable benefits£’000

Employer’sPension

contributions£’000

Total£’000

Executive Directors

Thomas IIube CBE £115,000 10,000 4,133 703 129,836

Mary Dowd £62,949 8,477 – 269 71,695

Non Executive Directors

Sir Richard Dearlove £25,000 25,000 50,000

Ruth Anderson £6,000 6,000

Andrew Gueritz £6,000 6,000

Gordon Matthew £12,000 12,000

David Secher £6,000 6,000

David Stupples £12,000 12,000

Total 244,949 18,477 29,133 972 293,531

DIRECTORS’ SHAREHOLDINGS AND SHARE INTERESTSThe table below sets out the Directors’ interests in the ordinary shares of the Company as at 31 December 2018. There have been no changes in the current Directors’ interests in shares or options granted by the Company between the end of the financial year and 12 April 2019.

Name Number of Issued Ordinary Shares % of Issued Shares

Thomas Ilube* 1,382,112 29.53%

Dr David Secher 26,365 0.56%

David Stupples 5,263 0.11%

* Thomas Ilube’s shareholding is made up of 1,251,668 shares held by him personally and 130,444 held by Share Nominees Limited on his behalf. Thomas Ilube, his brother Roland Ilube and his sisters Susan Gill and Elizabeth Leonard (together the “Concert Party”) are deemed to be acting in concert for the purposes of the Takeover Code. The Concert Party owns in aggregate 1,408,739 Ordinary Shares representing 30.10 per cent. of the Company’s Share Capital.

SHARE OPTION AND INCENTIVISATION PROPOSALSThe Board considers employee share ownership to be an important part of its strategy for employee incentivisation and retention. The Group has established share option programmes that entitle certain employees to purchase shares in the Company. These were issued in July 2014, November 2014, July 2015, December 2015, January 2016, June 2016, September 2016, June 2017, January 2018, May 2018, July 2018 and October 2018. There are no performance conditions attaching to these options.

In addition, the Company has established a share option programme in Crossword Consulting Limited and 27,000 options were issued to employees of that Company. The Company intends to put in place an incentive arrangement for Stuart Jubb, the Managing Director of Crossword Consulting Limited, which is designed to incentivise him with entrepreneurial-style rewards commensurate with the achievement of a growth in enterprise value of that Company.

28


The Directors hold the following shares under option:

Name Date of grantNumber of Ordinary Shares under option Exercise Price Vesting Conditions Expiry Date

Sir Richard Dearlove 03/10/16 13,158 £1.90 (1) 03/10/26

Sir Richard Dearlove 25/05/18 6,757 £3.70 (1) 25/05/28

Dr David Secher 18/07/14 15,000 £0.54 (1) 17/07/24

Professor David Stupples 18/07/14 35,000 £0.54 (1) 17/07/24

Gordon Matthew 20/07/15 5,000 £1.90 (1) 19/07/25

Mary Dowd 24/10/18 7,936 £3.15 (1) 24/10/28

Total 82, 851

(1) Option Shares to vest in three equal tranches on the first, second and third anniversary of the date of grant.

In addition, the Company has issued 66,993 options to members of staff and a former Director, John Bottomley.

NON TAX-ADVANTAGED SHARE OPTION PLANEMI Share Option PlanThe Company has established an enterprise management incentive share option plan under scheme rules dated 21 May 2014 (“EMI Option Plan”) for the purposes of recruiting and retaining its staff. The Company may grant an Option intended to be a qualifying option under the Income Tax (Earnings and Pensions) Act 2003 (“ITEPA 2003”) (“EMI Option”) to any eligible employee it chooses, subject to the limitations and conditions of the EMI Option Plan. EMI Options may not be granted where prohibited by law or any corporate governance code which applies to the Company or after the tenth anniversary of the date of the EMI Option Plan.

Crossword Consulting Limited share option schemeCrossword Consulting Limited (“Consulting”) has established a non tax-advantaged share option plan under scheme rules dated 2 January 2018 (“Consulting Option Plan”), whereby Consulting may grant a right to acquire ordinary shares of £0.01 each in the capital of Consulting (“Consulting Option(s)”) to any individual who is an employee of, director of, adviser to or consultant of Consulting from time to time (save where prohibited by law or any corporate governance code which applies to Consulting).

AndrewGueritzChair,RemunerationCommittee12 April 2019



29

Directors’Report&Statementof Directors’Responsibilities

Directors’ReportThis Directors’ Report includes the information required to be included under the Companies Act 2006 or, where provided elsewhere, an appropriate cross-reference is given. The Corporate Governance Report approved by the Board is provided on pages 17 to 28 and incorporated by reference into this Directors’ Report.

Principalactivity,reviewofthebusinessandfuturedevelopmentsCrossword Cybersecurity plc (8927013) is a public company, limited by shares, incorporated in the United Kingdom under the Companies Act, with operations in the UK and Poland. Its shares are traded on AIM, a sub market of the London Stock Exchange (‘AIM’).

The Company has two principal areas of activity, being (i) the development and commercialisation of university research based cyber security related software and (ii) cyber security consulting. More details on the strategy, nature of the Group’s operations and future developments are set out in the Strategic report on pages 5 to 11.

SharecapitalandrightsattachingtothesharesThe number of shares in issue as at 31 December 2018 was 4,680,396 ordinary shares of £0.05, each with one vote.

In accordance with applicable laws and the Company’s Articles of Association, holders of ordinary shares are entitled to:

• Receive shareholder documentation including the notice of any general meeting;

• Attend, speak and exercise voting rights at general meetings, either in person or by proxy; and

• A dividend, where declared and paid out of profits available for such purposes. On a return of capital on a winding up, holders of ordinary shares are entitled to participate in such a return.

ArticlesofAssociationThe Company’s Articles of Association can only be amended by special resolution and are available at https://www.crosswordcybersecurity.com/documents/Crossword_Articles_Of_Association.pdf

ResearchanddevelopmentThe Group has worked with 14 research intensive university partners, including academics from Imperial College London, the Universities of Bristol, Warwick, Edinburgh, Surrey and South Wales, EPFL (Switzerland) and the Massachusetts Institute of Technology (MIT) to identify promising cyber security intellectual property from research that the Company considers meets emerging real-world challenges. Crossword has identified over 1,000 cyber security research projects from universities worldwide. Over the last four years, the Group has signed memoranda of understanding and agreements with fourteen universities to explore potential commercialisation opportunities or work with them on cyber security research ideas.

The Group’s specialist cyber security product development and software engineering teams in Richmond, Greater London, in the UK and in Krakow, Poland, work with its university partners to develop the research concept into a fully-fledged commercial product that it will then take to market. Its current portfolio of products comprises Rizikon Assurance, a SaaS platform designed to help larger organisations manage third-party assurance at scale with a particular focus on cyber security and Rizikon Standard, a Cyber-risk and GDPR compliance assessment tool aimed at small to medium companies. The Group also has a third product, Nixer, a version of which is currently undergoing testing. Nixer is a machine-learning based product aimed at protecting against Application-layer DDoS attacks and the growing menace of automated attack tools. The Group has continued to develop Nixer and the latest version of the product includes protection against other threats including credential stuffing.

PowersofDirectorsThe Directors may exercise powers subject to applicable legislation and regulations and the Company’s Articles of Association.

The Directors in office at the date of this Annual Report are shown on pages 14 to 16.

Directors’conflictofinterestThe Board may authorise, to the fullest extent permitted by law any matter which, if not so authorised, would or may result in a Director infringing his or her duty to avoid a situation in which he/she can have a direct or indirect interest that conflicts, or possibly may conflict, with the interests of the Company and which may reasonably be regarded as likely to give rise to a conflict of interest.

The Company has effective procedures in place to monitor and deal with conflicts of interest. The Board is aware of the other commitments and interests of its Directors, and changes to these commitments and interests are reported to and, where appropriate, agreed with the rest of the Board.

30


Directors’InsuranceandIndemnityThe Group maintains Directors’ and Officers’ liability insurance which gives appropriate cover for any legal action brought against its Directors. In accordance with Section 234 of the Companies Act 2006, qualifying third party indemnity provisions are in place for the Directors in respect of liabilities incurred as a result of their office to the extent permitted by law.

PurchaseofownsharesThe Company has not acquired any of its own shares in the period to 31 December 2018, nor in the period up to the date of approval of this Annual Report.

Post-balancesheeteventsThere were no post balance sheet events of note.

DividendThe Directors do not intend that the Company will declare a dividend in the near term, but instead channel the available cash resources into funding the expansion of the Group. The Board intends to commence the payment of dividends only when it becomes commercially prudent to do so, having regard to the Group’s earnings, financial position, cash requirements and availability of distributable profits, as well as the provisions of relevant laws and/or generally accepted accounting principles from time to time.

PoliticaldonationsNo political donations have been made during this financial year.

GoingconcernThe Group’s business activities, together with the factors likely to affect its future development, performance and financial position, are contained within the Strategic Report. In addition, the notes to the Group financial statements include details on the Company’s objectives, policies and processes for managing its capital; its financial risk management objectives, its exposures to credit risk and liquidity risk.

The Directors have, at the time of approving the financial statements, a reasonable expectation that the Company continues to have adequate resources to continue in operational existence for the foreseeable future. Thus, they continue to adopt the going concern basis of accounting in preparing the Annual Report and financial statements.

PrincipalshareholderTom Ilube is the Company’s ultimate controlling party, holding a total of 1,382,112 ordinary shares, representing 29.53 per cent. of the voting rights attached to the current issued share capital of the Company. Of the 1,382,112 shares held, 1,251,668 shares are held by Tom Ilube directly and 130,444 shares are held on his behalf by Share Nominees Limited.

ExternalAuditorThe Directors confirm that, so far as each is aware, there is no relevant audit information of which the Group’s Auditors are unaware. Each of the Directors has taken all the steps he or she should have taken as a Director to make himself or herself aware of any relevant audit information and to establish that the Group’s Auditors are aware of that information.

AnnualGeneralMeetingThe Annual General Meeting of the Company will be held on the 9th of May, 2019 at 3pm at 60 Gracechurch Street, London EC3V 0HR. The Notice of Meeting will be available to view on the Company’s website in advance of that meeting.

ApprovalofDirectors’ReportThis Directors’ Report, including the Corporate Governance Statement, was approved for and on behalf of the Board on 12 April 2019.

BenHarberCompanySecretary12 April 2019

Directors’Report&Statementof Directors’Responsibilitiescontinued


31

StatementofDirectors’ResponsibilitiesinrespectoftheAnnualReportandtheFinancialStatementsThe Directors are responsible for preparing the Annual Report and the financial statements in accordance with applicable law and regulations.

Company law requires the Directors to prepare financial statements for each financial year. Under that law the Directors have elected to prepare the financial statements in accordance with International Financial Reporting Standards (IFRSs), as adopted by the European Union, and parent company financial statements, in accordance with International Financial Reporting Standards, (IFRSs), as adopted by the European Union. Under Company law, the Directors must not approve the financial statements unless they are satisfied that they give a true and fair view of the state of affairs and profit or loss of the Group and parent company for that period. In preparing the financial statements, the Directors are required to:

• Select suitable accounting policies and then apply them consistently;

• Make judgements and accounting estimates that are reasonable and prudent;

• State whether applicable IFRSs, as adopted by the European Union, have been followed for the Group financial statements and IFRSs, as adopted by the European Union, have been followed for the Company financial statements, subject to any material departures disclosed and explained in the financial statements; and

• Prepare the financial statements on the going concern basis, unless it is inappropriate to presume that the Group and parent company will continue in business.

The Directors are responsible for keeping adequate accounting records that are sufficient to show and explain the Group and parent company’s transactions and disclose with reasonable accuracy at any time the financial position of the Group and parent company and enable them to ensure that the financial statements and the Directors’ Remuneration Report comply with the Companies Act 2006 and, as regards the Group financial statements, Article 4 of the IAS Regulation. They are also responsible for safeguarding the assets of the Group and parent company and, hence, for taking reasonable steps for the prevention and detection of fraud and other irregularities.

The Directors are responsible for the maintenance and integrity of the parent company’s website. Legislation in the United Kingdom governing the preparation and dissemination of financial statements may differ from legislation in other jurisdictions.

ResponsibilityStatementoftheDirectorsinrespectoftheAnnualReportandAccountsThe Directors consider that the Annual Report and accounts, taken as a whole, is fair, balanced and understandable and provides the information necessary for shareholders to assess the Group and parent company’s position, performance, business model and strategy.

Each of the Directors, whose names and functions are listed in the Corporate Governance Section confirm to the best of our knowledge, that:

• The parent company and Group financial statements, prepared in accordance with International Financial Reporting Standards as adopted by the European Union and Article 4 of the IAS Regulation, give a true and fair view of the assets, liabilities, financial position and profit or loss of the Company and the undertakings included in the consolidation as a whole; and

• The Annual Report includes a fair review of the development and performance of the business and the position of the Company and the undertakings included in the consolidation taken as a whole, together with a description of the principal risks and uncertainties that they face; and

• The Annual Report and accounts, taken as a whole, is fair, balanced and understandable and provides the information necessary for the shareholders to assess the Group and parent company’s position, performance, business model and strategy.

• The strategic report includes a fair review of the development and performance of the business and the position of the Group and parent company, together with a description of the principal risks and uncertainties that it faces.

This Statement of Responsibilities and the Annual Report as a whole were approved by the Board on 12 April 2019.

TomIIubeChiefExecutiveOfficer12 April 2019

32


We have audited the financial statements of Crossword Group plc.

The financial statements that we have audited comprise:

• Consolidated Statement of Comprehensive Income

• Consolidated Statement of Financial Position

• Company Statement of Financial Position

• Group Statement of Changes in Equity

• Company Statement of Changes in Equity

• Group Cash Flow Statement

• Notes 1 to 19 of the financial statements, including Accounting Policies.

The financial reporting framework that has been applied in their preparation is applicable law and International Financial Reporting Standards (IFRSs), as adopted by the European Union.

In our opinion:

• The financial statements give a true and fair view of the state of the Group’s and of the parent company’s affairs, as at 31 December 2018, and the Group’s profit for the year then ended;

• The financial statements have been properly prepared, in accordance with International Financial Reporting Standards (IFRS), as adopted by the European Union; and

• The financial statements have been prepared in accordance with the requirements of the Companies Act 2006.

BasisforopinionWe conducted our audit in accordance with International Standards on Auditing (UK) (ISAs (UK)) and applicable law. Our responsibilities under those standards are further described in the Auditor’s Responsibilities for the Audit of the Financial Statements section of our report. We are independent of the Group, in accordance with the ethical requirements that are relevant to our audit of the financial statements in the UK, including the FRC’s Ethical Standard as applied to listed entities, and we have fulfilled our ethical responsibilities in accordance with those requirements. We believe that the audit evidence we have obtained is sufficient and appropriate to provide a basis for our opinion.

ConclusionsrelatingtogoingconcernWe have nothing to report in respect of the following matters in relation to which the ISAs (UK) require us to report to you where:

• The Directors’ use of the going concern basis of accounting in the preparation of the financial statements is not appropriate; or

• The Directors have not disclosed in the financial statements any identified material uncertainties that may cast significant doubt about the Group’s or the parent company’s ability to continue to adopt the going concern basis of accounting for a period of at least twelve months from the date when the financial statements are authorised for issue.

KeyauditmattersKey audit matters are those matters that, in our professional judgement, were of most significance in our audit of the financial statements of the current period, and include the most significant assessed risks of material misstatement (whether or not due to fraud) that we identified. These matters included those matters which had the greatest effect on: the overall strategy, the allocation of resources in the audit; and directing the efforts of the engagement team. These matters were addressed in the context of our audit of the financial statements as a whole, and in forming our opinion thereon, and we do not provide a separate opinion on these matters.

IndependentAuditor’sReportTotheMembersofCrosswordGroupplc


33

REVENUE RECOGNITIONKey matterAs described in the accounting policy note 1.2, IFRS 15 provides a five-step model to be applied to contract with customers. Revenue is recognised in line with meeting certain performance obligations as set out in these contracts, as and when they are met. Being the first year of application, this has been a key area of focus for the audit due to its material significance.

How the scope of our work responded to the key matterOur procedures included the evaluation of contracts held with customers from which key performance obligations could be identified. Subsequently, these were reviewed against the amount of revenue recognised on a contract by contract basis. In addition, we performed substantial analytical procedures on revenue in the year to understand any changes in the revenue profile and corroborate any irregularities.

Key observations Following our audit procedures, we found that revenue had been recorded appropriately and was free from material misstatement.

OurapplicationofmaterialityOur definition of materiality considers the value of error or omission on the financial statements that would change or influence the economic decision of a reasonably knowledgeable person. Materiality is used in planning the scope of our work, executing that work and evaluating the results.

Group materiality that we used in the current year was £10,650 which was determined on the basis of 1% of Group revenue. This was then also considered on a Company basis, also being 1% of revenue.

AnoverviewofthescopeofourauditIn scoping our Group audit we first obtained an understanding of the Group and its environment, including its internal control environment. We also assessed the risks of material misstatement at the Group level.

As part of our audit work we have tested the consolidation process. We have also performed those audit procedures of the remaining components necessary for us to reduce the risks of material misstatement to an acceptable level.

The audit of Crossword Consulting Limited and the parent company Crossword Cybersecurity Plc was performed by us and we have acted as the Group engagement team in directing the audit of Crossword Cybersecurity Sp Z.o.o. Our work in this respect was performed in accordance with the International Standards on Auditing, specifically ISA 600 (UK).

OtherinformationThe directors are responsible for the other information. The other information comprises the information included in the Annual Report and Accounts, other than the financial statements and our auditor’s report thereon. Our opinion of the financial statements does not cover the other information and, except to the extent otherwise explicitly stated in our report, we do not express any form of assurance conclusion thereon.

In connection with our audit of the financial statements, our responsibility is to read the other information and, in doing so, consider whether the other information is materially inconsistent with the financial statements or our knowledge obtained in the audit or otherwise appears to be materially misstated. If we identify such material inconsistencies or apparent material misstatements, we are required to determine whether there is a material misstatement in the financial statements or a material misstatement of the other information. If, based on the work we have performed, we conclude that there is a material misstatement of this other information, we are required to report that fact.

We have nothing to report in this regard.

34


IndependentAuditor’sReportcontinued

TotheMembersofCrosswordGroupPLC

OpinionsonothermattersprescribedbytheCompaniesAct2006In our opinion, based on the work undertaken in the course of the audit:

• the information given in the strategic report and the directors’ report for the financial year for which the financial statements are prepared is consistent with the financial statements; and

• the strategic report and the directors’ report have been prepared in accordance with applicable legal requirements.

MattersonwhichwearerequiredtoreportbyexceptionIn light of the knowledge and understanding of the Group and the parent company and its environment obtained in the course of the audit, we have not identified material misstatements in the strategic report and the directors’ report.

We have nothing to report in respect of the following matters in relation to which the Companies Act 2006 requires is to report to you if, in our opinion:

• adequate accounting records have not been kept, or returns adequate for our audit have not been received by branches not visited by us; or

• the financial statements are not in agreement with the accounting records and returns; or

• certain disclosures of directors’ remuneration specified by law are not made; or

• we have not received all the information and explanations we require for our audit.

ResponsibilitiesofdirectorsAs explained more fully in the directors’ responsibilities statement, the directors are responsible for the preparation of the financial statements and for being satisfied that they give a true and fair view, and for such internal control as the directors determine is necessary to enable the preparation of financial statements that are free from material misstatement, whether due to fraud or error.

In preparing the financial statements, the directors are responsible for assessing the Group’s and the parent company’s ability to continue as a going concern, disclosing, as applicable, matters related to going concern and using the going concern basis of accounting unless the directors either intend to liquidate the Group or the parent company or to cease operations, or have no realistic alternative but to do so.

Auditor’sresponsibilitiesfortheauditofthefinancialstatementsOur objectives are to obtain reasonable assurance about whether the financial statements as a whole are free from material misstatement, whether due to fraud or error, and to issue an auditor’s report that includes our opinion. Reasonable assurance is a high level of assurance, but is not a guarantee that an audit conducted in accordance with ISAs (UK) will always detect a material misstatement when it exists. Misstatements can arise from fraud or error and are considered material if, individually or in aggregate, they could reasonably be expected to influence the economic decisions of users taken on the basis of these financial statements.

As part of an audit in accordance with ISAs (UK), we exercise professional judgement and maintain professional scepticism throughout the audit. We also:

• Identify and assess the risks of material misstatement of the financial statements, whether due to fraud or error, design and perform audit procedures responsive to those risks, and obtain audit evidence that is sufficient and appropriate to provide a basis for our opinion. The risk of not detecting a material misstatement resulting from fraud is higher than for one resulting from error, as fraud may involve collusion, forgery, intentional omissions, misrepresentations, or the override of internal control.

• Obtain an understanding of internal control relevant to the audit in order to design audit procedures that are appropriate in the circumstances, but not for the purpose of expressing an opinion on the effectiveness of the Group’s internal control.

• Evaluate the appropriateness of accounting policies used and reasonableness of accounting estimates and related disclosures made by the directors.


35

• Conclude on the appropriateness of the directors’ use of the going concern basis of accounting and, based on the audit evidence obtained, whether a material uncertainty exists related to events or conditions that may cast significant doubt on the Group’s or the parent company’s ability to continue as a going concern. If we conclude that a material uncertainty exists, we are required to draw attention in our auditor’s report to the related disclosures in the financial statements or, if such disclosures are inadequate, to modify our opinion. Our conclusions are based on the audit evidence obtained up to the date of our auditor’s report. However, future events or conditions may cause the Group or the parent company to cease as a going concern.

• Evaluate the overall presentation, structure and content of the financial statements, including the disclosures, and whether the financial statements represent the underlying transactions and events in a manner that achieves fair presentation.

• Obtain sufficient appropriate audit evidence regarding the financial information of the entities or business activities within the Group to express an opinion on the consolidated financial statements. We are responsible for the direction, supervision and performance of the Group audit. We remain solely responsible for our audit opinion.

We communicate with those charged with governance regarding, among other matters, the planned scope and timing of the audit and significant audit findings, including any significant deficiencies in internal control that we identify during our audit.

UseofourreportThis report is made solely to the Company’s members, as a body, in accordance with Chapter 3 of Part 16 of the Companies Act 2006. Our audit work has been undertaken so that we might state to the Company’s members those matters we are required to state to them in an auditor’s report and for no other purpose. To the fullest extent permitted by law, we do not accept or assume responsibility to anyone other than the Company and the Company’s members as a body, for our audit work, for this report, or for the opinions we have formed.

RajeevShaunakFCA(SeniorStatutoryAuditor)MHAMacIntyreHudsonCharteredAccountants&StatutoryAuditors

New Bridge Street House30-34 New Bridge StreetLondon EC4V 6BJ


RIZIKONCYBER RISK SUPPLIER ASSURANCE

STRATEGIC REPORT GOVERNANCE FINANCIAL STATEMENTS2018 A

NN

UA

LRE

PO

RT&

AC

CO

UN

TS3. FINA

NC

IAL S

TATEM

EN

TS

NIXERA MACHINE LEARNING CREDENTIAL STUFFING & APPLICATION DDOS PLATFORM

RIZIKONCYBER RISK SUPPLIER ASSURANCE


Consolidated Financial Statements

38

Consolidated Statement of Comprehensive Income

12 Months 12 Monthsended ended

31st December 31st December2018 2017

Notes £ £

Revenue 2 1,067,609 736,546

Cost of Sales 3 (1,013,521) (1,062,350)

Gross Profit (Loss) 54,088 (325,804)

Other operating income-research & development tax credits 192,149 97,716

Administrative expenses 3 (2,335,228) (956,126)

Share based payments 4 (45,751) (50,875)

Finance income-bank interest receivable 3,727 976

Finance costs-other interest payable (1,237) (1,402)

Loss for the year/period before taxation (2,132,252) (1,235,515)

Tax expense 7 (8,052) (4,730)

Loss for the Year/Period (2,140,304) (1,240,245)

Other Comprehensive Income

Items that may be reclassified to profit or loss:

Foreign Exchange Translation Gain (Loss) (13,542) 4,265

Total Comprehensive Loss (2,153,846) (1,235,980)

Earnings Per Share 14 (0.55) (0.39)

All results are derived from continuing operations

FINANCIAL STATEMENTSGOVERNANCESTRATEGIC REPORT

39

Statement of Financial Position as at 31 December

Group Company Group Company2018 2018 2017 2017

Notes £ £ £ £

Non-Current Assets

Tangible assets 8 12,066 4,583 12,408 –

Intangible assets – – – –

Investments in other unlisted investment & subsidiary 9 31 11,048 31 1,048

Total non-current assets 12,097 15,631 12,439 1,048

Current Assets

Trade and other receivables 10 559,387 848,204 175,580 447,503

Cash and cash equivalents 15 2,222,706 2,213,071 490,090 463,603

Total current assets 2,782,093 3,061,276 665,670 911,106

TOTAL ASSETS 2,794,190 3,076,907 678,109 912,154

EQUITY

Attributable to the owners of the Company

Share Capital 13 234,022 234,022 159,173 159,173

Share premium account 13 7,513,906 7,513,906 3,555,522 3,555,522

Other reserves 96,626 77,101 50,875 50,875

Retained earnings (5,327,370) (4,999,370) (3,187,066) (2,947,789)

Translation of foreign operations (6,013) – 7,529 –

Total equity 2,511,172 2,825,659 586,033 817,781

LIABILITIES

Current Liabilities

Trade and other payables 11 283,018 251,248 92,076 94,373

Total current liabilities 283,018 251,248 92,076 94,373

Total Liabilities 283,018 251,248 92,076 94,373

Total Equity & Liabilities 2,794,190 3,076,907 678,109 912,154

The financial statements were approved by the Board and authorised for issue on 12 April 2019.

They were signed on its behalf by

Tom IlubeChief Executive Officer

40

Consolidated Financial Statements continued


Statement of Changes in EquityAs At

Group Company Group Company2018 2018 2017 2017

£ £ £ £

Share Capital

At 1st January 159,173 159,173 156,015 156,015

Issue of shares 74,849 74,849 3,158 3,158

At 31st December 234,022 234,022 159,173 159,173

Share Premium

At 1st January 3,555,522 3,555,522 3,413,416 3,413,416

Issue of shares 3,958,384 3,958,384 142,106 142,106

At 31st December 7,513,906 7,513,906 3,555,522 3,555,522

Equity Reserve

At 1st January 50,875 50,875 0 –

Employee share schemes – value of employee services 45,751 26,226 50,875 50,875

At 31st December 96,626 77,101 50,875 50,875

Retained Earnings

At 1st January (3,187,066) (2,947,789) (1,946,821) (1,975,150)

Total Comprehensive loss for the period (2,140,304) (2,051,581) (1,240,245) (972,639)

At 31st December (5,327,370) (4,999,370) (3,187,066) (2,947,789)

Translation of Foreign Operations

At 1st January 7,529 – 3,264 –

Translation of Foreign Operations (13,542) – 4,265 –

At 31st December (6,013) – 7,529 –

Total

At 1st January 586,033 817,781 1,625,874 1,594,281

Total Comprehensive loss for the Period (2,153,846) (2,051,581) (1,235,980) (972,639)

Issue of shares 4,033,233 4,033,233 145,264 145,264

Share based Payments 45,751 26,226 50,875 50,875

At 31st December 2,511,172 2,825,659 586,033 817,781

41


Consolidated Statement of Cashflows12 Months 12 Months

ended ended31st December 31st December

2018 2017Notes £ £

Cashflows From Operating Activities

Loss for the year/period (2,140,304) (1,240,245)

Movement in trade and other receivables (383,807) 2,574

Movement in trade and other payables 190,942 (12,004)

Depreciation and amortisation 5,592 5,474

Non cash employee benefits 45,751 50,875

Net Cashflow from Operating Activities (2,281,826) (1,193,326)

Cashflow From Investing Activities

Purchase of tangible assets 8 (5,250) (15,657)

Purchase of shares in other unlisted investment 9 – –

Net Cashflow from Investing Activities (5,250) (15,657)

Cashflows From Financing Activities

Net Proceeds from issue of ordinary shares 4,033,233 145,264

Net Cash Inflow from Financing Activities 4,033,233 145,264

Net Increase in Cash & Cash Equivalents 1,746,158 (1,063,719)

Foreign Currency Translation Difference (13,542) 4,903

Cash and Cash Equivalent at the beginning of the period 490,090 1,548,906

Cash and Cash Equivalent at the end of the period 2,222,706 490,090

Notes to the Financial Information

1 Accounting Policies

1.1 The Group and its operations

Crossword Cybersecurity plc (the “Company”) is a Company incorporated on 6 March 2014 in the United Kingdom under the Companies Act2006. The Company is the parent company of the Crossword Group of Companies focusing on the cybersecurity sector. The principalactivities are the development and commercialisation of university research-based cyber security related software and cybersecurityconsulting.

The financial information includes the results of the Company and its subsidiaries (together referred to as the “Group” and individually as“Group entities”).

The principal accounting policies applied in the preparation of the financial information are set out below. These policies have beenconsistently applied to all the periods presented, unless otherwise stated.

1.2 Basis of preparation of financial information

The financial information has been prepared in accordance with the requirements of the London Stock Exchange plc AIM Rules forCompanies and in accordance with International Financial Reporting Standards (“IFRS”) and IFRS Interpretations Committee (“IFRS IC”)interpretations as adopted by the European Union and the Companies Act 2006 applicable to companies reporting under IFRS.

The financial information has been prepared on the historical cost basis. The preparation of financial information in conformity with IFRSrequires the use of certain critical accounting estimates. It also requires management to exercise its judgement in the process of applying theGroup’s accounting policies. Changes in assumptions may have a significant impact on the financial information in the year the assumptionschanged. Management believes that the underlying assumptions are appropriate. The areas involving a higher degree of judgement orcomplexity, or areas where assumptions and estimates are significant to the financial information are disclosed in note 1.16.

Changes in accounting policy and disclosures

The Group has adopted the following new and amended IFRSs from 1 January 2018 prospectively in the consolidated financial information.There has not been a material impact to the Group when adopting these new and amended IFRSs:

IFRS9 – Financial Instruments; Classification and measurement, applicable for financial years beginning on/after 1 January 2018

IFRS15 – Revenue from contracts with customers, applicable for financial years beginning on/after 1 January 2018.

IFRS 9 Financial instruments

The Group adopted IFRS 9 Financial Instruments as issued by the IASB in July 2014 with a date of transition of 1 January 2018, whichresulted in no adjustments to the carrying value of financial assets and liabilities at the date of transition.

IFRS 15 Revenue from Contracts with Customers

IFRS 15 Revenue from Contracts with Customers was issued in 2014 and was endorsed by the EU in 2016. IFRS 15 establishes acomprehensive framework for determining whether, how much and when revenue is recognised. It replaces existing revenue recognitionguidance, including IAS 18 Revenue.

IFRS 15 provides a single, principles-based five-step model to be applied to all contracts with Customers:

1) identify the contract with the Customer;

2) identify the performance obligations in the contract, introducing the new concept of “distinct”;

3) determining the transaction price;

4) allocating the transaction price to the performance obligations in the contracts, on a relative stand-alone selling price basis; and

5) recognise revenue when (or as) the entity satisfies its performance obligation.

IFRS 15 also introduces new guidance on, amongst other areas, combining contracts, discounts, variable consideration and contractmodifications. It requires that certain costs incurred in obtaining and fulfilling customer contracts be deferred on the balance sheet andamortised over the period an entity expects to benefit from the customer relationship.

Management has conducted a detailed analysis of the impact of IFRS 15 on the Group which has shown that the recognition of revenue willbe consistent with the transfer of risks and rewards to the customer under IAS 18. Management have concluded following this assessmentthat the implementation of IFRS 15 has not resulted in any impact to revenue in the Group’s consolidated financial information.

42



The following standards and interpretations were issued by the IASB and IFRS IC but have not been adopted either because they were notendorsed by the EU at 30 June 2018 or they are not yet mandatory and the Group has not chosen to early adopt.

IFRS16 – Leases, applicable for financial years beginning on/after 1 January 2019

IFRS 16 replaces IAS 17 Leases and will primarily change lease accounting, with lessor accounting under IFRS 16 expected to be similar tolessor accounting under IAS 17. Lessee accounting under IFRS 16 will be similar in many respects to IAS 17 accounting for finance leases,but is expected to be substantively different to existing accounting for operating leases.

Where a contract meets IFRS 16’s definition of a lease and the Group acts as a lessee, lease agreements will give rise to the recognition of anon-current asset representing the right to use the leased item, and a loan obligation for future lease payables on the Group’s balance sheet.

Lease costs will be recognised in the form of depreciation of the right-of-use asset and interest on the lease liability, which may impact thephasing of operating profit and profit before tax, compared to existing cost profiles and presentation in the income statement, and will alsoimpact the classification of associated cash flows.

The impact of IFRS 16 – Leases will require the Group to record its current property leases and qualifying technology contracts on thebalance sheet giving rise to a right to use asset and a corresponding lease obligation. The leases impacted are currently treated as operatingexpenses. The change in recognition is expected to increase depreciation charges and lead to a reduction in lease costs in the incomestatement. Future commitments of the Group’s two commitments under current operating leases are outlined in note 12 which gives someindication of the impact on the Group going forward, however, as IFRS 16 is effective for the first time for the financial year commencing1 January 2019, a full assessment of the standard has not yet been made but it is expected that the standard will not have a material impacton the future results of the Group.

Other standards and interpretations yet to be adopted include:

IFRS 17 ‘Insurance Contracts’

Amendments to IFRS 2 ‘Share Based Payments’

Amendments to IFRS 11 ‘Accounting for Acquisition of Interests in Joint Operation’

Amendments to IFRS 9 ‘Prepayment Features with Negative Compensation’

Amendments to IAS 40 ‘Transfer of Investment Property’

And are not expected to have a material impact of the future results of the Group.

1.3 Going Concern

The financial information have been prepared on a going concern basis which the directors believe to be appropriate as the Group havesufficient funds to finance its operations for the next 12 months from the approval of this financial information.

1.4 Basis of consolidation

Subsidiaries are fully consolidated from the date on which control is transferred to the Group. Control exists when then the Group has thepower, directly or indirectly, to govern the financial and operating policies of an entity so as to obtain benefits from its activities.

The purchase method of accounting is used to account for the acquisition of subsidiaries by the Group.

All intra-Group transactions balances income and expenses are eliminated on consolidation. Uniform accounting policies are applied by theGroup entities to ensure consistency.

1.5 Revenue

Revenue comprises the fair value of consideration received or receivable for licence income and the rendering of services in the ordinarycourse of the Group’s activities. Revenue is shown net of value added tax and trade discounts. Income is reported as follows:

(a) Licence income

Technology and product licensing revenue represents amounts earned for licenses granted under licensing agreements, includingup-front payments. Revenues relating to up-front payments are recognised when the obligations related to the revenues have beencompleted.

Revenues for maintenance and support services are recognised in the accounting periods in which the services are rendered.

43


(b) Rendering of Services

Services relate to implementation and deployment fees for the technology and products licensed to customers. Revenue is recognised in theaccounting periods in which the services are rendered.

1.6 Functional and presentation currency

The presentation currency of the Group is pounds sterling (GBP). The functional currency of the Company is pounds sterling. The functionalcurrency of the Company’s polish subsidiary is Polish Zloty (PLN).

1.7 Foreign currency transactions

Transactions in foreign currencies are translated to GBP at the exchange rates at the dates of the transactions. Monetary assets andliabilities denominated in foreign currencies at the reporting date are translated to GBP at the exchange rate at that date.

Non-monetary assets and liabilities denominated in foreign currencies that are measured at fair value are translated to GBP at the exchangerate at the date that the fair value was determined.

Foreign exchange differences arising on translation are recognised in the statement of comprehensive income.

On consolidation, the assets and liabilities of foreign operations are translated into GBP at the rate of exchange at the reporting date. Theirstatements of profit or loss are transacted at exchange rates at the dates of transaction.

The exchange differences arising upon consolidation on retranslation from a functional currency other than GBP are recognised as aseparate component of equity.

1.8 Property, plant and equipment

Property, plant and equipment is stated at purchase price less accumulated depreciation and impairment losses. The cost includes allexpenses directly related to the purchase of a relevant asset.

All other repair and maintenance costs are charged to the income statement for the period during the reporting period in which they areincurred.

1.9 Depreciation

Each item of property, plant and equipment is depreciated using the straight line method over the estimated useful life and depreciationcharge is included in the income statement for the period.

The depreciation is charged to the income statement for the period and determined using the straight line method over the estimated usefullife of the item of property, plant and equipment.

The expected useful lives of property, plant and equipment in the reporting and comparative periods are as follows:

Useful lives in years

Computers 3.33Furniture & fittings 3.33

1.10 Impairment of non-financial assets

The residual value of an asset is the estimated amount that the Group would currently obtain from disposal of the asset less the estimatedcosts of disposal, if the asset was already of the age and in the condition expected at the end of its physical life.

The assets’ residual values and useful lives are reviewed, and adjusted if appropriate, at each reporting date. Items costing less than £2,000per individual asset are written off in the period of acquisition.

At the end of each reporting period management assesses whether the indicators of impairment of property, plant and equipment exists.

The carrying amounts of property, plant and equipment and all other non-financial assets are reviewed for impairment if there is anyindication that the carrying amount may not be recoverable.

For the purpose of impairment testing the recoverable amount is measured by reference to the higher of value in use (being the net presentvalue of expected future cashflows of a relevant cash generating unit) and fair value less costs to sell (the amount obtainable from the sale ofan asset or cash generating unit in an arm’s length transaction between knowledgeable, willing parties who are independent from each otherless the costs of disposal).

Where there is no binding sale agreement or active market, fair value less costs to sell is based on the best information available to reflectthe amount the Group would receive for the cash generating unit.

44



A cash generating unit is the smallest identifiable group of assets that generates cash inflows that are largely independent of the cash inflowsfrom other assets or groups of assets.

If the carrying amount of the asset exceeds its recoverable amount, the asset is impaired and an impairment loss is charged to the incomestatement so as to reduce the carrying amount in the statement of financial position to its recoverable amount.

A previously recognised impairment loss is reversed if the recoverable amount increases as a result of a reversal of the conditions thatoriginally resulted in the impairment.

This reversal is recognised in profit or loss for the period and is limited to the carrying amount that would have been determined, net ofdepreciation, had no impairment loss been recognised in prior years.

1.11 Financial Instruments

Financial assets and financial liabilities are recognised when the Company becomes a party to the contractual provisions of the instrument.

Financial assets and financial liabilities are initially measured at fair value. Transaction costs that are directly attributable to the acquisition orissue of financial assets and financial liabilities (other than financial assets and financial liabilities at fair value through profit or loss) areadded to or deducted from the fair value of the financial assets or financial liabilities, as appropriate, on initial recognition. Transaction costsdirectly attributable to the acquisition of financial assets or financial liabilities at fair value through profit or loss are recognised immediatelyin the statement of comprehensive income.

All financial instruments are classified in accordance with the principles of IFRS 9 Financial Instruments.

1.11a Financial assets

Classification of financial assets

Debt instruments that meet the following conditions are subsequently measured at amortised cost:

• the financial asset is held within a business model whose objective is to hold financial assets in order to collect contractualcash flows; and

• the contractual terms of the financial asset give rise on specified dates to cash flows that are solely payments of principaland interest on the principal amount outstanding.

Debt instruments that meet the following conditions are subsequently measured at FVTOCI:

• the financial asset is held within a business model whose objective is achieved by both collecting contractual cash flows andselling the financial assets; and

• the contractual terms of the financial asset give rise on specified dates to cash flows that are solely payments of principaland interest on the principal amount outstanding.

By default, all other financial assets are subsequently measured at FVTPL.

Amortised cost and effective interest method

The effective interest method is a method of calculating the amortised cost of a debt instrument and of allocating interest incomeover the relevant period.

For financial instruments other than purchased or originated credit-impaired financial assets, the effective interest rate is the ratethat exactly discounts estimated future cash receipts (including all fees and points paid or received that form an integral part of theeffective interest rate, transaction costs and other premiums or discounts) excluding expected credit losses, through the expected lifeof the debt instrument, or, where appropriate, a shorter period to the gross carrying amount of the debt instrument on initialrecognition. For purchased or originated credit-impaired financial assets, a credit-adjusted effective interest rate is calculated bydiscounting the estimated future cash flows, including expected credit losses, to the amortised cost of the debt instrument on initialrecognition.

The amortised cost of a financial asset is the amount at which the financial asset is measured at initial recognition minus theprincipal repayments, plus the cumulative amortisation using the effective interest method of any difference between that initialamount and the maturity amount, adjusted for any loss allowance. On the other hand, the gross carrying amount of a financial assetis the amortised cost of a financial asset before adjusting for any loss allowance.

Impairment of financial assets

The Company recognises a loss allowance for expected credit losses on financial assets that are measured at amortised cost. Theamount of expected credit losses is updated at each reporting date to reflect changes in credit risk since initial recognition of therespective financial instrument.

45


Expected credit loss measurement

IFRS 9 outlines a ‘three-stage’ model for impairment based on changes in credit quality since initial recognition as summarisedbelow:

• A financial instrument that is not credit-impaired on initial recognition is classified in “Stage 1” and has its credit riskcontinuously monitored by the Company.

• If a significant increase in credit risk (“SICR”) since initial recognition is identified, the financial instrument is moved to“Stage 2” but is not yet deemed to be credit-impaired.

• If the financial instrument is credit-impaired, the financial instrument is then moved to “Stage 3”.

• Financial instruments in Stage 1 have their ECL measured at an amount equal to the portion of lifetime expected creditlosses that result from default events possible within the next 12 months. Instruments in Stages 2 or 3 have their ECLmeasured based on expected credit losses on a lifetime basis.

• A pervasive concept in measuring ECL in accordance with IFRS 9 is that it should consider forward-looking information.

• Purchased or originated credit-impaired financial assets are those financial assets that are credit-impaired on initialrecognition. Their ECL is always measured on a lifetime basis (Stage 3).

1.11b Financial liabilities and equity

Debt and equity instruments are classified as either financial liabilities or as equity in accordance with the substance of thecontractual arrangement.

Equity instruments

An equity instrument is any contract that evidences a residual interest in the assets of an entity after deducting all of its liabilities.Equity instruments issued by the Company entity are recognised at the proceeds received, net of direct issue costs.

Financial liabilities

All financial liabilities are subsequently measured at amortised cost using the effective interest method or at “Fair Value ThroughProfit or Loss” (“FVTPL”).

Financial liabilities at FVPL

Financial liabilities are classified as at FVTPL when the financial liability is 1) contingent consideration of an acquirer in a businesscombination to which IFRS 3 applies, 2) held for trading, or 3) it is designated as at FVTPL.

Financial liabilities subsequently measured at amortised cost

Financial liabilities that are not 1) contingent consideration of an acquirer in a business combination, 2) held-for-trading, or 3)designated as at FVTPL, are subsequently measured at amortised cost using the effective interest method.

The effective interest method is a method of calculating the amortised cost of a financial liability and of allocating interest expenseover the relevant period. The effective interest rate is the rate that exactly discounts estimated future cash payments (including allfees and points paid or received that form an integral part of the effective interest rate, transaction costs and other premiums ordiscounts) through the expected life of the financial liability, or (where appropriate) a shorter period, to the amortised cost of afinancial liability.

Derecognition of financial liabilities

The Company derecognises financial liabilities when, and only when, the Company’s obligations are discharged, cancelled or theyexpire. The difference between the carrying amount of the financial liability derecognised and the consideration paid and payable,including any non-cash assets transferred or liabilities assumed, is recognised in the statement of comprehensive income.

1.12 Financial Instruments – Risk

The Group could be exposed to risks that arise from its use of financial instruments.

Risks in relation to financial assets include:

46



1.12.1 Market risk

Market risk covers foreign exchange risk, price risk and interest rate risk.

As the majority of the Group’s transactions are either in Sterling or in Polish Zloty the Group considers its exposure to foreignexchange risk to be minimal.

There are no derivatives and hedging instruments.

The Group is not exposed to price risk given that no securities are held under financial assets.

The Group is not exposed to interest rate or cash flow risk due to the fact that the Group has no borrowing or complex financialinstruments.

1.12.2 Credit risk

Credit risk is considered to be the risk of financial loss incurred by the Group in the event that a customer or counterparty to an assetfails to meet contractual obligations.

The Group does not consider credit risk to be significant given the type of services it provides.

1.12.3 Liquidity risk

Management monitor rolling forecasts of the Group’s liquidity reserves, cash and cash equivalents on the basis of expected cashflows and therefore monitors liquidity risk sufficiently.

1.13 Research and development

Research and development expenditure is written off as incurred.

1.14 Taxes

Income Taxes include all taxes based upon the taxable profits of all Group companies. Other taxes not based on income such as property andcapital taxes are included within operating expenses or financial expenses according to their nature.

Deferred income tax is provided using the liability method on temporary differences between the tax bases of assets and liabilities and theircarrying amounts in the financial information.

Deferred income tax assets relating to the carry-forward of unused tax losses are recognised to the extent that it is probable that futuretaxable profit will be available against which the unused tax losses can be utilised.

Current and deferred income tax assets are offset when the income taxes are levied by the same taxation authority and when there is alegally enforceable right to offset them.

1.15 Share Based Payments

On occasion, the Company has made share-based payments to certain Directors and employees by way of issue of share options. The fairvalue of these payments is calculated by the Company using the binomial option valuation model.

The expense, where material, is recognised on a straight-line basis over the period from the date of award to the date of vesting, based onthe Company’s best estimate of the number of shares that will eventually vest.

1.16 Capital management

The Group considers its capital to comprise of its equity share capital, share premium, foreign exchange reserve, share options reserve andcapital redemption reserve, less its accumulated losses. Quantitative detail is shown in the consolidated statement of changes in equity.

The directors’ objective when managing capital is to safeguard the Group’s ability to continue as a going concern in order to provide returnsfor the shareholder and benefits for other stakeholders and to maintain an optimal capital structure to reduce the cost of capital.

The directors monitor a number of KPIs at both the Group and individual subsidiary level on a monthly basis. As part of the budgetaryprocess, targets are set with respect to operating expenses in order to effectively manage the activities of the Group. Performance is reviewedon a regular basis and appropriate actions are taken as required. These internal measures indicate the performance of the business againstbudget/forecast and to confirm that the Group has adequate resources to meet its working capital requirements.

1.17 Critical accounting estimates and judgements and key sources of estimation uncertainty

Estimates and judgements are continually evaluated and are based on experience and other factors, including expectations of future eventsthat are believed to be reasonable under the circumstances.

47


The following are the key estimates that the directors have made in the process of applying the Group’s accounting policies and have themost significant effect on the amounts recognised in the financial information. There are no further critical accounting judgements.

Going concern

The Group’s business model is being developed and its operations have incurred a net loss in each period reported within this FinancialInformation whilst the Group’s products and services are bought to market. Operations have been supported by cash flow from customersand issue of Equity such that the directors believe it is appropriate to adopt the going concern basis of preparation.

The directors have considered the Group’s future and forecast business and cash requirements and have determined that the current cashresource is sufficient to enable the Group’s going concern for a period of twelve months from the date of approval of these financialinformation.

Fair value of options granted to employees

The Group uses a combination of the Black-Scholes model and Binomial model in determining the fair value of options granted to employeesunder the Group’s various share schemes. The determination of the fair value of options requires a number of assumptions. The alteration ofthese assumptions may impact charges to the income statement over the vesting period of the award. Details of the assumptions used areshown in note 4.

1.18 Investments

Shares in subsidiary undertakings are stated at cost less provision for impairment. Provision is made against investments where diminutionin value is considered to be permanent.

2 Revenue and segmental informationAn analysis of the Group’s revenue for each period for its continuing operations, is as follows:

Group 2018 Company 2018 Group 2017 Company 2017£ £ £ £

Revenue from the sale of goods/licences 66,373 66,373 26,900 26,900

Revenue from the rendering of services related to goods/licences 30,336 30,336 141,554 141,554

Revenue from development services 402,227 402,227 267,030 267,030

Revenue from Consulting 568,673 301,062

Total Revenue 1,067,609 498,936 736,546 435,484

The IFRS 8 Operating segments requires the Group to determine its operating segments based on information which is provided internally. Based onthe internal reporting information and management structures within the Group, it has been determined that there are two geographic operatingsegments (UK and Poland) supported by one centralised cost segment (UK and Poland) and one revenue segment (UK). Reporting on this basis isreviewed by the Board of directors which is the chief operating decision-maker and is responsible for the strategic decision-making of the Group.

No analysis of net assets by geographic segment is provided as the net assets are principally all within the UK.

3 Expenses By NatureGroup 2018 Company 2018 Group 2017 Company 2017

£ £ £ £

Staff and related costs 1,860,259 1,030,932 1,293,951 601,370

Consultancy and related costs 171,468 794,185 270,252 519,955

Professional fees 694,179 669,240 179,858 156,598

Property related costs 178,945 154,529 91,021 90,922

Depreciation 5,592 917 5,474

Other expenses 438,306 217,499 177,920 129,649

Total cost of sales and administrative expenses 3,348,749 2,867,302 2,018,476 1,498,494

48



Expenses by geographic segmentGroup 2018 Company 2018 Group 2017 Company 2017

£ £ £ £

UK 2,858,419 2,316,104 1,714,111 1,153,549

Poland 490,331 551,198 304,365 344,945

Total cost of sales and administrative expenses 3,348,749 2,867,302 2,018,476 1,498,494

4 Staff CostsStaff costs, including directors’ remuneration, were as follows:

Group 2018 Company 2018 Group 2017 Company 2017£ £ £ £

Wages and salaries 1,644,363 915,601 1,154,469 542,753

Social security costs 196,073 98,968 135,606 55,037

Share based payments 45,751 26,226 50,875 50,875

Other pension costs 19,823 16,364 3,876 3,580

1,906,010 1,057,159 1,344,826 652,245

The average monthly number of employees, including the directors, during the period was as follows:

Group 2018 Company 2018 Group 2017 Company 2017

Staff 26 13 21 10

Directors 9 7 7 5

Share based payments

The amount recognised in respect of share based payments was £45,751 for December 2018, £15,784 for 2017, £18,636 for 2016 and £16,455 for 2015.

The Group has established share option programmes that entitle certain employees to purchase shares in the Group.

These were issued in July 2014, November 2014, July 2015, December 2015, January 2016, June 2016, September 2016, June 2017, Jan 2018, May2018, July 2018 and October 2018.

There are no performance conditions attaching to these options. 6,666 options were exercised in April 2018 and 666 options were exercised inDecember 2018. No further options have been exercised as at 31 December 2018.

Total options issued amount to 149,010 as at 31 December 2018, 115,658 as at 31 December 2017 by Crossword Cybersecurity plc. See details in Note14 Earnings & Diluted Earnings per share.

27,500 share options were issued by Crossword Consulting Ltd in January 2018. Of these issued option, 3,000 shares lapsed as at 31 December 2018.A value has been attributed to these options, but they will not have the same dilutive impact as options in the parent entity and they have a verydifferent exercise price.

The share options have been valued using a binomial model applying the following inputs:

• Exercise price – equal to the share price at grant date;

• Vesting date – all options vest in three tranches, on the first, second and third anniversary from the grant date;

• Expiry/Exercise date – 10 years from the grant date;

• Volatility (sigma) – 35%. Given the thinly traded shares of the Company on NEX, we have estimated Crossword’s share price volatility by referenceto the calculated volatility of quoted comparator companies Sophos Group Plc and Osirium Technologies Plc.;

• Risk free rate – yield on a zero coupon government security at each grant date with a life congruent with the expected option life;

• Dividend yield – 0%;

• Staff turnover – 0%. We have however adjusted the P+L charge for the current year (and future years) to account for lapsed options due toLeavers; and

• Performance conditions – none.

49


Reconciliation of share options – Company

Weighted average Weighted averageexercise price exercise price2018 2018 2017 2017

£ £ £ £

1st January 115,658 1.29 110,158 1.26

Granted during the period 50,186 3.02 11,500 1.90

Lapsed/exercised during the period (16,834) 1.95 (6,000) 1.90

End of the period 149,010 1.80 115,658 1.29

Reconciliation of share options-Crossword Consulting Limited

Weighted average Weighted averageexercise price exercise price2018 2018 2017 2017

£ £ £ £

1st January – –

Granted during the period 27,500 0.01 – –

Lapsed/exercised during the period (3,000) 0.01 – –

End of the period 24,500 0.01 – –

5 Directors’ Remuneration

Remuneration2018 2017

£ £

Sir Richard Dearlove 25,000 25,000

Tom Ilube 115,000 100,000

Dr David Secher 6,000 6,000

Prof David Stupples 12,000 12,000

Andy Gueritz 6,000 6,000

Ruth Anderson 6,000 –

Gordon Matthew 12,000 12,000

Mary Dowd 62,949 –

John Bottomley 3,000 6,000

Total 247,949 167,000

Share Options issued (2017 nil)Year Share Options Exercise Price Total Value

Sir Richard Dearlove 2018 6,757 £ 3.70 £ 9,902

Mary Dowd 2018 7,936 £ 3.15 £ 9,993

There is no key management personnel compensation outside of Directors’ remuneration in any period presented.

50



6 Auditor’s RemunerationThe expenses for services rendered by the Group auditor present themselves as follows

Group 2018 Group 2017£ £

Fees for legal audit of consolidated financial information 31,000 20,500

Fees for tax advisory services 5,004 5,000

Fees for other services – –

36,004 25,500

7 Tax

Income taxGroup 2018 Group 2017

£ £

Current income tax expense 8,052 4,730

Deferred income tax – –

Total tax expense 8,052 4,730

There is no tax charge in respect of other comprehensive income.

The deferred income taxes for all years/periods and deferred tax assets as at the end of each year/period were considered nil as the Directorsconsider there is no sufficient certainty over the recoverability of the corporation tax losses available.

Corporation tax losses carried forward for offset against future year’s trading profits amount to approximately £3,500,000 (2017: £2,500,000,2016: £1,600,000, 2015: £700,000).

Group 2018 Group 2017£ £

Loss before taxation 2,132,252 1,235,515

Average rate of corporation tax 19.00% 19.25%

Tax on profit (405,128) (237,837)

Effects of:

Expenses not deductible for tax purposes 11,608 7,004

Depreciation for the period in excess of capital allowances 5,592 5,474

Deferred tax not recognised 379,876 220,629

Total tax charge (8,052) (4,730)

Factors that may affect future tax changes

A reduction in the UK corporation tax rate from 20% to 19% was enacted in October 2015 and took effect from 1 April 2017. A further valuation from19% to 17% was substantively enacted on the same date and will take effect from 1 April 2020.

Polish Corporation Tax has been 19% until 1 January 2017, when Crossword started to benefit from the new small companies reduced rate of 15%adopted by the Parliament Act amendment to Polish CIT Law.

51


8 Tangible Assets

ComputersGroup 2018 Company 2018 Group 2017 Company 2017

£ £ £ £

Cost b/f 22,924 7,322

Additions 15,602

(Disposals) (250)

22,674 – 22,924 –

Accumulated Depreciation

B/F 10,516 5,042

Charge for the period 4,675 5,474

C/d 15,191 – 10,516 –

Net Book Value 7,483 – 12,408 –

Furniture and FittingsGroup 2018 Company 2018 Group 2017 Company 2017

£ £ £ £

Cost b/f – – – –

Additions 5,500 5,500 – –

5,500 5,500 – –

Accumulated Depreciation

B/F – – – –

Charge for the period 917 917 – –

C/d 917 917 – –

Net Book Value 4,583 4,583 – –

9 Other Unlisted InvestmentGroup 2018 Company 2018 Group 2017 Company 2017

£ £ £ £

Cost b/f 31 1,048 31 1,048

Investment in Crossword Consulting Ltd – 10,000 – –

C/D 31 11,048 31 1,048

Carrying Amount 31 11,048 31 1,048

The above Group investment represents Crossword Cybersecurity plc’s 2018 – 9.88% (2017 – 11.069%, 2016 – 14.58%) holding in CyberOwl Limitedwhich was purchased on 18 April 2016.

The above Company investment represents Crossword Cybersecurity plc’s 100% holding in its subsidiaries, Crossword Cybersecurity Ltd andCrossword Cybersecurity Sp Z.o.o.

52



10 Trade and Other ReceivablesGroup 2018 Company 2018 Group 2017 Company 2017

£ £ £ £

Trade receivables 287,262 292,955 91,690 75,741

Other receivables 142,664 427,468 49,788 338,610

Prepayments & accrued income 129,461 127,781 34,102 33,152

559,387 848,204 175,580 447,503

Overdue 19,620 24,000

All overdue amounts were paid following the period end.

All of the above amounts are considered to be due within one year. The maximum exposure to credit risk at the reporting date is the carrying value asabove and none are impaired.

Of the above amounts held within the Group, 2018: £15,195; 2017: £32,566; is denominated in Polish Zloty with the remainder in GBP.

Foreign exchange risk is currently minimal as balances in Polish Zloty are between the parent and its wholly owned subsidiary.

11 Trade and Other PayablesGroup 2018 Company 2018 Group 2017 Company 2017

£ £ £ £

Trade payables 133,857 160,352 44,101 67,742

Accruals and deferred income 101,946 90,882 34,370 24,959

Other payables 47,216 14 13,605 1,672

283,018 251,248 92,076 94,373

All of the above amounts are considered to be due within one year.

Of the above amounts held within the Group, £19,569 (2017: £31,149) is denominated in Polish Zloty with the remainder in GBP.

Suppliers denominated in Euros had a balance of £7,452 outstanding at 31st December 2018 (zero in previous periods).

12 Operating Leases2018 2017

Land & Land &Buildings Other Total Buildings Other Total

Future Commitments under operating leases

Group

Within 1 year 172,503 – 172,503 6,383 – 6,383

Within 1-2 years 245,440 – 245,440 – – –

Within 2-5 years – – – – – –

Greater than 5 years – – – – – –

417,943 – 417,943 6,383 – 6,383

53


2018 2017Land & Land &

Buildings Other Total Buildings Other Total

Company

Within 1 year 126,465 – 126,465 – – –

Within 1-2 years 172,547 – 172,547 – – –

Within 2-5 years – – – – – –

Greater than 5 years – – – – – –

299,012 – 299,012 – – –

13 Share Capital

Allotted called up and fully paid

2015: 2,383,460, 2016: 3,120,250, 2017:3,183,408, 2018: 4,680,440 ordinary shares of £0.05 each

2018 2017£ £

Share Capital

Cost b/f 159,173 156,015

Shares Issued in period 74,849 3,158

234,022 159,173

Share Premium

B/F 3,555,522 3,413,416

Shares Issued in period 3,958,384 142,106

C/d 7,513,906 3,555,522

The shares issued during the period represent the additional financing requirements of the Group, and were ordinary shares of £0.01 issued at apremium of £3,958,384, ranking pari passu with existing shares. All shares are fully paid up.

14 Earnings & Diluted Earnings per shareEarnings per share is calculated by dividing the loss for the period attributable to ordinary equity shareholders of the parent by the weighted averagenumber of ordinary shares outstanding during the year.

During the year the calculation was based on the loss for the year of £2,132,252 (2017: £1,235,515) divided by the weighted average number of ordinaryshares of 3,853,254 (2017: 3,158,318).

Diluted earnings per share is calculated by dividing the loss of the year by the weighted average number of ordinary shares outstanding during theyear plus unexercised share based payments. The weighted average number of ordinary shares used in the calculation of diluted earnings per sharewas 4,725,481 (2017: 3,277,481).

54



15 Reconciliation of Cash Flows from Financing Activities (IAS 7)2018 2017

£ £

Net Debt Reconciliation

Cash in hand 72

Cash at bank 2,267,750 490,090

Cash and liquid investments 2,267,822 490,090

Borrowing repayable within one year (including overdrafts) (45,116) –

Cash and Cash equivalents 2,222,706 490,090

Cash Borrowings Total cashand liquid due within and cash

Investments one year equivalents£ £ £

Net debt as at 1 January 2017 1,548,906 1,548,906

Cash flows (1,058,816) (1,058,816)

Net debt as at 31 December 2017 490,090 490,090

Cash flows 1,777,732 (45,116) 1,732,616

Net debt as at 31 December 2018 2,267,822 (45,116) 2,222,706

16 ReservesThe following describes the nature and purpose of each reserve within owners’ equity.

Reserve Description and purpose

Share capital This represents the nominal value of shares issued

Share premium Amount subscribed for share capital in excess of nominal value

Equity reserve Represents amounts charged on share options that have been granted to employees

Retained earnings Cumulative net gains and losses recognised in the consolidated statement of comprehensive income

Translation of foreign operations is the difference that arises due to consolidation of foreign subsidiaries using an average rate during theperiod and a closing rate for the period end statement of financial position

17 Financial InstrumentsGroup 2018 Company 2018 Group 2017 Company 2017

£ £ £ £

Financial Assets

Equity instruments measured at cost 31 11,048 31 1,048

Financial assets that are debt instruments measured at amortised cost 559,387 720,423 141,478 414,351

2,222,737 731,471 141,509 415,399

Financial Liabilities

Financial liabilities measured at amortised cost 181,072 160,352 57,706 69,415

181,072 160,352 57,706 69,415

Upon adoption of IFRS9, Trade and other receivables were reclassified to Financial assets that are debt instruments measured at amortised cost;Trade and other payables to Financial liabilities measured at amortised cost. Investments to Equity instruments measured at cost. There was nochange in carrying amount.

55


18 Pension obligationsThe Group operates a defined contribution pension scheme for employees in the United Kingdom. A defined contribution scheme is a pension planunder which the Group pays fixed contributions into a separate entity. The Group has no legal or constructive obligations to pay further contributions ifthe fund does not hold sufficient assets to pay all employees the benefits relating to employee service in the current and prior years.

Contributions payable to the Group’s pension scheme are charged to the income statement in the year to which they relate. The Group has no furtherpayment obligations once the contributions have been paid.

In Poland, the Group pays the statutory employer’s contribution into the public pension scheme for each employee, but does not operate any pensionschemes.

19 Related Party Transactions2018 2017

CyberOwl Limited – Crossword Cybersecurity plc has an investment in CyberOwl Limited

Tom Ilube is an Non Executive Director of CyberOwl Limited

Percentage Holding 9.88% 11.069%

Revenue from development services £ 165,806 153,222

Balance Outstanding £ 15,960 14,340

Byzgen Limited – Crossword Cybersecurity has a licencing agreement with Byzgen Limited

Tom Ilube is an Non Executive Director of Byzgen Limited

Revenue from development services and licence agreement £ 236,421 113,808

Balance Outstanding £ 18,656 20,768

2018 2017

Subsidiary Transactions

Crossword Cybersecurity Limited

Services received from £ 47,802 –

Balance payable to £ 5,380 –

Services supplied to £ 147,153 45,121

Balance Due from £ 68,351 20,971

Crossword Cybersecurity SP Z.o.o

Services received from £ 551,198 335,256

Balance payable to £ 45,149 30,441

Services supplied to £ – –

Balance Due from £ – –

20 Controlling PartyThe ultimate controlling party throughout the current and previous year was T IIube, a director, by virtue of his holding of the Company’s votingshares.

56



57


Notice is hereby given that the Annual General Meeting of Crossword Cybersecurity plc (the “Company”) will be held at the offices of ShakespeareMartineau LLP, 6th Floor, 60 Gracechurch Street, London EC3V 0HR on Thursday 9th May 2019 at 3.00 pm for the following purposes:

Ordinary Business1. To receive and adopt the report of the directors and the financial statements for the year ended 31 December 2018 and the report of the

auditors thereon.

2. To re-elect, as a director of the Company, Mary Dowd who retires in accordance with Article 85 of the Company’s Articles of Association andoffers herself for re-election.

3. To re-elect, as a director of the Company, Thomas Ilube who retires as a director and offers himself for re-election.

4. To re-appoint MHA MacIntyre Hudson as auditors to hold office from the conclusion of the Annual General Meeting until the conclusion of thenext general meeting of the Company at which the accounts are laid before members and to authorise the directors to determine theirremuneration.

Special BusinessTo consider, and if thought fit, to pass the following resolutions, of which resolutions 5 and 7 will be proposed as Ordinary Resolutions and resolution6 will be proposed as a Special Resolution:

5. THAT the Directors be and they are hereby generally and unconditionally authorised pursuant to Section 551 of the Companies Act 2006 (“theAct”), in substitution for all previous powers granted to them, to exercise all the powers of the Company to allot and make offers to allotrelevant securities (within the meaning of the Act) up to an aggregate nominal amount of £45,000.00 such authority shall, unless previouslyrevoked or varied by the Company in general meeting, expire on the conclusion of the Annual General Meeting of the Company to be held in2020 provided that the Company may, at any time before such expiry, make an offer or enter into an agreement which would or might requirerelevant securities to be allotted after such expiry and the Directors may allot relevant securities pursuant to any such offer or agreement asif the authority conferred hereby had not expired.

6. THAT the Directors be and they are hereby authorised pursuant to Section 570 of the Act to allot equity securities (as defined in Section 560 ofthe Act) for cash pursuant to the authority conferred by resolution 5 above as if Section 561(1) of the Act did not apply to any such allotment,provided that this power shall be limited to:

(a) the allotment of equity securities in connection with an issue in favour of shareholders where the equity securities respectivelyattributable to the interests of all such shareholders are proportionate (or as nearly as may be practicable) to the respective numberof Ordinary Shares in the capital of the Company held by them on the record date for such allotment, but subject to such exclusionsor other arrangements as the Directors may deem necessary or expedient in relation to fractional entitlements or legal or practicalproblems under the laws of, or the requirements of, any recognised regulatory body or any stock exchange, in any territory;

(b) the allotment of equity securities arising from the exercise of options or the conversion of any other convertible securitiesoutstanding at the date of this resolution; and

(c) the allotment (otherwise than pursuant to sub-paragraph (a) and (b) above) of further equity securities up to an aggregate nominalamount of £40,000.00;

provided that this power shall, unless previously revoked or varied by special resolution of the Company in general meeting, expire at theconclusion of the Annual General Meeting of the Company to be held in 2020. The Company may, before such expiry, make offers oragreements which would or might require equity securities to be allotted after such expiry and the Directors are hereby empowered to allotequity securities in pursuance of such offers or agreements as if the power conferred hereby had not expired.

7. THAT the aggregate amount of fees paid to Directors, other than Executive directors, in any one financial year, as set out in article 101 of theArticles of Association of the Company, be increased from £100,000 to £125,000.

BY ORDER OF THE BOARDB Harber 6th FloorCompany Secretary 60 Gracechurch Street12 April 2019 London EC3V 0HR

Notice of AGM

Notes

1. Members are entitled to appoint a proxy to exercise all or any of their rights to attend and to speak and vote on their behalf at the meeting. Aproxy need not be a shareholder of the Company. A shareholder may appoint more than one proxy in relation to the Annual General Meetingprovided that each proxy is appointed to exercise the rights attached to a different share or shares held by that shareholder. Should you wishto appoint more than one proxy please return the form of proxy and attach to it a schedule detailing the names of the proxies you wish toappoint, the number of shares each proxy will represent and the way in which you wish them to vote on the resolutions that are to beproposed. To be valid, the form of proxy and the power of attorney or other authority (if any) under which it is signed or a certifiedcopy of such power or authority must be lodged at the offices of the Company’s registrars, Share Registrars Limited, The Courtyard,17 West Street, Farnham, Surrey, GU9 7DR by hand or sent by post, or by fax to +44 (0)1252 719232, so as to be received not lessthan 48 hours before the time fixed for the holding of the meeting or any adjournment thereof (as the case may be), excluding anypart of a day which is not a working day.

2. The completion and return of a form of proxy will not preclude a member from attending in person at the meeting and voting should he wishto do so.

3. The Company has specified that only those members entered on the register of members at 6pm on 7th May 2019 shall be entitled to attendand vote at the meeting in respect of the number of ordinary shares of £0.05 each in the capital of the Company held in their name at thattime. Changes to the register after 6pm on 7th May 2019 shall be disregarded in determining the rights of any person to attend and vote atthe meeting.

4. Resolution 2 – Article 90.1 of the Company’s Articles of Association require that a director of the Company appointed to the Board pursuantto Article 85 must offer themselves for re-appointment at the next Annual General Meeting.

5. Resolution 3 – Thomas Ilube has offered himself for re-election at this Annual General Meeting.

6. Resolution 5 – As required by the Act, this resolution, to be proposed as an Ordinary Resolution, relates to the grant to the Directors ofauthority to allot unissued Ordinary Shares until the conclusion of the Annual General Meeting to be held in 2020, unless the authority isrenewed or revoked prior to such time. If approved, this authority is limited to a maximum of 900,000 Ordinary Shares.

7. Resolution 6 – The Act requires that if the Directors decide to allot unissued Ordinary Shares in the Company the shares proposed to beissued be first offered to existing shareholders in proportion to their existing holdings. This is known as shareholders’ pre-emption rights.However, to act in the best interests of the Company the Directors may require flexibility to allot shares for cash without regard to theprovisions of Section 561(1) of the Act. Therefore this resolution, to be proposed as a Special Resolution, seeks authority to enable theDirectors to allot equity securities up to a maximum of 800,000 Ordinary Shares. This authority expires at the conclusion of the AnnualGeneral Meeting to be held in 2020.

8. Resolution 7 – The purpose of this resolution is to increase the existing cap set out in article 101 of the Company’s articles of association toensure the Company has sufficient headroom to pay fees to non-executive directors. Since adoption of the articles of association in May 2014the number of non-executive directors has increased from two to six. Details of the fees paid to non-executive directors can be found withinthe Company’s Annual Report for the year ended 31st December 2018.

Notice of AGM continued

58


59


DIRECTORS Sir Richard Dearlove (Chairman)

T Ilube (CEO)

Dr D Secher

Professor D Stupples

A Gueritz

G Matthew

R Anderson (appointed 01 February 2018)

M Dowd (appointed 14 June 2018)

REGISTERED NUMBER 08927013

REGISTERED OFFICE 60 Gracechurch Street

London

EC3V 0HR

INDEPENDENT AUDITOR MHA MacIntryre Hudson

Chartered Accountants & Statutory Auditors

New Bridge Street House

3034 New Bridge Street

London

EC4V 6BJ

NOMAD Grant Thornton LLP

30 Finsbury Square

London

EC2P 2YU

CORPORATE BROKER Hybridan LLP

20 Ironmonger Lane

London

EC2V 8EP

Company Information

[Intentionally Left Blank]

60



Crossword Cybersecurity plc60 Gracechurch Street, London EC3V 0HRe: [email protected]: @crosswordcybert: +44 (0) 20 8973 2350

Documents

CROSSWORD CYBERSECURITY PLC€¦ · Corporate Governance Report 17 Directors’ Report & Statement of Directors’ Responsibilities 29 Independent Auditor’s Report 32 FINANCIAL